urlscan.io logo urlscan.io
SecurityTrails logo

www.flaresenha.com Open in urlscan Pro
190.89.239.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.flaresenha.com/
Effective URL: https://www.flaresenha.com/
Submission: On February 08 via manual from BR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 11 countries across 57 domains to perform 584 HTTP transactions. The main IP is 190.89.239.168, located in Brazil and belongs to HVC-AS, US. The main domain is www.flaresenha.com.
TLS certificate: Issued by R3 on December 20th 2022. Valid for: 3 months.
This is the only time www.flaresenha.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 58 190.89.239.168 29802 (HVC-AS)
2 2a00:1450:400... 15169 (GOOGLE)
142 2a00:1450:400... 15169 (GOOGLE)
1 190.89.238.70 28209 (Under Ser...)
5 2a00:1450:400... 15169 (GOOGLE)
2 190.89.239.12 29802 (HVC-AS)
8 2606:4700:1::... 13335 (CLOUDFLAR...)
2 92.123.36.4 16625 (AKAMAI-AS)
8 2606:4700:e2:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 85.17.31.162 60781 (LEASEWEB-...)
28 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 213.227.149.183 60781 (LEASEWEB-...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
48 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 3.10.72.72 16509 (AMAZON-02)
9 23.35.209.30 16625 (AKAMAI-AS)
2 23.203.125.36 16625 (AKAMAI-AS)
1 2a00:1450:402... 15169 (GOOGLE)
21 50 142.251.208.98 15169 (GOOGLE)
4 10 185.80.39.216 27381 (CASALE-MEDIA)
4 7 185.89.211.12 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.201.123.184 396982 (GOOGLE-CL...)
6 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 34.98.64.218 396982 (GOOGLE-CL...)
16 142.250.180.226 15169 (GOOGLE)
60 2a00:1450:400... 15169 (GOOGLE)
3 4 185.94.180.125 35220 (SPOTX-AMS)
4 4 3.126.56.137 16509 (AMAZON-02)
3 34.149.12.213 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 142.250.27.155 15169 (GOOGLE)
1 2 34.255.210.6 16509 (AMAZON-02)
1 3.124.119.57 16509 (AMAZON-02)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.180.198 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 34.240.83.138 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.241 21859 (ZEN-ECN)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 3.125.102.19 16509 (AMAZON-02)
2 2 52.58.51.57 16509 (AMAZON-02)
2 2 76.223.111.18 16509 (AMAZON-02)
4 2600:9000:230... 16509 (AMAZON-02)
13 2600:1f13:800... 16509 (AMAZON-02)
1 85.14.248.91 24961 (MYLOC-AS ...)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 52.58.82.235 16509 (AMAZON-02)
4 4 213.155.156.169 1299 (TWELVE99 ...)
5 5 185.64.190.78 62713 (AS-PUBMATIC)
1 1 172.64.154.237 13335 (CLOUDFLAR...)
3 5 51.89.9.254 16276 (OVH)
1 1 185.29.134.248 30419 (MEDIAMATH...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 185.86.138.153 201081 (SMARTADSE...)
15 2606:4700:1::... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 213.254.244.105 3257 (GTT-BACKB...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
3 3 213.19.147.45 26120 (RHYTHMONE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2.18.36.193 16625 (AKAMAI-AS)
2 162.19.138.119 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
4 34.102.185.99 396982 (GOOGLE-CL...)
5 172.217.19.98 15169 (GOOGLE)
584 68
58    190.89.239.168 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us310.serverdo.in
www.flaresenha.com
2    2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
142    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
pubads.g.doubleclick.net
1    190.89.238.70 (Brazil)

ASN28209 (Under Servicos de Internet Ltda, BR)
PTR: br42.serverdo.in
tags.juicebarads.com
5    2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    190.89.239.12 (Brazil)

ASN29802 (HVC-AS, US)
PTR: us250.serverdo.in
controle.flaresenha.com
8    2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
c.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
2    92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com
a.teads.tv
8    2606:4700:e2::ac40:8325 (United States)

ASN13335 (CLOUDFLARENET, US)
www.chatbro.com
lpgs.chatbro.com
5    2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    85.17.31.162 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
cdn.fsmads.biz
z.cdn.fsmads.biz
28    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
3    2606:4700::6812:19f6 (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.cleverwebserver.com
ui.cleverwebserver.com
call.cleverwebserver.com
2    2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:223d:2000:17:1c9a:3a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
intersc.igaming-service.io
1    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
data.gblcdn.com
2    213.227.149.183 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
z.cdn.trafficdok.com
9    2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
48    2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
12    2a00:1450:400d:803::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    3.10.72.72 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-72-72.eu-west-2.compute.amazonaws.com
ip-api.igaming-service.io
9    23.35.209.30 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com
sync.teads.tv
2    23.203.125.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-36.deploy.static.akamaitechnologies.com
t.teads.tv
1    2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
50    142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net
cm.g.doubleclick.net
10    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
7    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
6    2a02:26f0:11a::217:9a82 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
6    2a00:1450:400d:808::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
www.gstatic.com
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
16    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
googleads4.g.doubleclick.net
60    2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
8    2a00:1450:400f:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.250.27.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f155.1e100.net
bid.g.doubleclick.net
2    34.255.210.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-210-6.eu-west-1.compute.amazonaws.com
samsung-germany.demdex.net
1    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
pfa.levexis.com
2    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
2    2a00:1450:400e:2::7 (Ireland)

ASN15169 (GOOGLE, US)
r2---sn-5hnekn7k.c.2mdn.net
2    142.250.180.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:400e:11::7 (Ireland)

ASN15169 (GOOGLE, US)
r2---sn-5hnednsz.c.2mdn.net
4    34.240.83.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-83-138.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
1    2a02:fa8:8806:16::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    3.125.102.19 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-102-19.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    52.58.51.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-51-57.eu-central-1.compute.amazonaws.com
match.360yield.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    2600:9000:2304:dc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
13    2600:1f13:800:7781:42a4:ee06:e1a9:8972 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    85.14.248.91 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    52.58.82.235 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-82-235.eu-central-1.compute.amazonaws.com
pm.w55c.net
4    213.155.156.169 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-169.teliacarrier-cust.com
d5p.de17a.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
5    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    185.86.138.153 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
15    2606:4700:1::6813:854e (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
1    2a00:1450:400e:13::9 (Ireland)

ASN15169 (GOOGLE, US)
rr4---sn-5hne6nzd.googlevideo.com
2    2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)
www.youtube.com
2    213.254.244.105 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
tpsc-frc.doubleverify.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    213.19.147.45 (Castricum, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
id5-sync.com
1    2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
4    34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com
5    172.217.19.98 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f98.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
177 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
ade.googlesyndication.com — Cisco Umbrella Rank: 296
1 MB
117 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 334
bid.g.doubleclick.net — Cisco Umbrella Rank: 728
ad.doubleclick.net — Cisco Umbrella Rank: 177
pubads.g.doubleclick.net — Cisco Umbrella Rank: 436
620 KB
65 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
gcdn.2mdn.net — Cisco Umbrella Rank: 1091
r2---sn-5hnekn7k.c.2mdn.net — Cisco Umbrella Rank: 448646
r2---sn-5hnednsz.c.2mdn.net — Cisco Umbrella Rank: 386604
3 MB
60 flaresenha.com
www.flaresenha.com
controle.flaresenha.com
1 MB
23 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 8643
c.mgid.com — Cisco Umbrella Rank: 6653
cdn.mgid.com — Cisco Umbrella Rank: 11703
servicer.mgid.com — Cisco Umbrella Rank: 8838
s-img.mgid.com — Cisco Umbrella Rank: 6526
cm.mgid.com — Cisco Umbrella Rank: 1306
478 KB
21 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 729
fw.adsafeprotected.com — Cisco Umbrella Rank: 777
static.adsafeprotected.com — Cisco Umbrella Rank: 598
dt.adsafeprotected.com — Cisco Umbrella Rank: 549
198 KB
14 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
82 KB
13 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1327
sync.teads.tv — Cisco Umbrella Rank: 1225
t.teads.tv — Cisco Umbrella Rank: 2634
133 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186 Failed
449 KB
11 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 485
rtb0.doubleverify.com — Cisco Umbrella Rank: 719
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 17067
tps.doubleverify.com — Cisco Umbrella Rank: 531
tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 15041
153 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 427
9 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 67
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1925
www.google.com — Cisco Umbrella Rank: 2
10 KB
8 openx.net
us-u.openx.net — Cisco Umbrella Rank: 423
826 B
8 chatbro.com
www.chatbro.com — Cisco Umbrella Rank: 104691
lpgs.chatbro.com — Cisco Umbrella Rank: 115129
124 KB
7 tailtarget.com
tags.t.tailtarget.com — Cisco Umbrella Rank: 70171
d.tailtarget.com — Cisco Umbrella Rank: 78238
b.t.tailtarget.com — Cisco Umbrella Rank: 59958
tt-11382-4.seg.t.tailtarget.com
t.tailtarget.com — Cisco Umbrella Rank: 6674
23 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
7 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
imasdk.googleapis.com — Cisco Umbrella Rank: 438
480 KB
6 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 723
ads.pubmatic.com — Cisco Umbrella Rank: 458
65 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 722
1 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8800
www.google.de — Cisco Umbrella Rank: 6211
1 KB
4 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4352
1 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 277
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 702
2 KB
3 cleverwebserver.com
scripts.cleverwebserver.com — Cisco Umbrella Rank: 29625
ui.cleverwebserver.com — Cisco Umbrella Rank: 29589
call.cleverwebserver.com — Cisco Umbrella Rank: 31055
47 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1053
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1266
637 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 924
id5-sync.com — Cisco Umbrella Rank: 399
17 KB
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 524
2 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 732
s.tribalfusion.com — Cisco Umbrella Rank: 1833
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 68
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 712
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 762
r.turn.com — Cisco Umbrella Rank: 3173
869 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 340
956 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2302
786 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 285
1 KB
2 demdex.net
samsung-germany.demdex.net — Cisco Umbrella Rank: 69997
2 KB
2 trafficdok.com
z.cdn.trafficdok.com — Cisco Umbrella Rank: 292489
2 igaming-service.io
intersc.igaming-service.io — Cisco Umbrella Rank: 82957
ip-api.igaming-service.io — Cisco Umbrella Rank: 131533
8 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23
20 KB
2 fsmads.biz
cdn.fsmads.biz
z.cdn.fsmads.biz
5 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 926
573 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 316
456 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 33989
609 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 551
541 B
1 googlevideo.com
rr4---sn-5hne6nzd.googlevideo.com — Cisco Umbrella Rank: 41234
2 MB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 781
75 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1366
586 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 449
863 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12552
60 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 11777
552 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1827
174 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 595
191 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3371
104 B
1 levexis.com
pfa.levexis.com — Cisco Umbrella Rank: 65052
534 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
37 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 854
www.googleadservices.com Failed
555 B
1 gblcdn.com
data.gblcdn.com — Cisco Umbrella Rank: 300967
6 KB
1 juicebarads.com
tags.juicebarads.com
14 KB
584 57
Domain Requested by
115 pagead2.googlesyndication.com www.flaresenha.com
pagead2.googlesyndication.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
tags.juicebarads.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
ad.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
60 s0.2mdn.net 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
s0.2mdn.net
imasdk.googleapis.com
58 www.flaresenha.com 1 redirects www.flaresenha.com
50 cm.g.doubleclick.net 21 redirects googleads.g.doubleclick.net
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
48 tpc.googlesyndication.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
ad.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
26 googleads.g.doubleclick.net pagead2.googlesyndication.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
18 securepubads.g.doubleclick.net www.flaresenha.com
securepubads.g.doubleclick.net
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
16 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.flaresenha.com
ad.doubleclick.net
15 s-img.mgid.com www.flaresenha.com
13 dt.adsafeprotected.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
12 www.googletagservices.com securepubads.g.doubleclick.net
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.flaresenha.com
cdn.doubleverify.com
www.googletagservices.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 sync.teads.tv a.teads.tv
googleads.g.doubleclick.net
9 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com securepubads.g.doubleclick.net
8 csi.gstatic.com imasdk.googleapis.com
8 us-u.openx.net googleads.g.doubleclick.net
7 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
7 www.chatbro.com www.flaresenha.com
6 www.google.com www.flaresenha.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
tpc.googlesyndication.com
6 cdn.doubleverify.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
cdn.doubleverify.com
www.flaresenha.com
5 ade.googlesyndication.com
5 onetag-sys.com 3 redirects 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
5 image6.pubmatic.com 5 redirects
5 fonts.gstatic.com fonts.googleapis.com
5 imasdk.googleapis.com www.flaresenha.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
imasdk.googleapis.com
4 d5p.de17a.com 4 redirects
4 static.adsafeprotected.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
pixel.adsafeprotected.com
4 ups.analytics.yahoo.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
www.flaresenha.com
2 b.t.tailtarget.com d.tailtarget.com
2 d.tailtarget.com www.flaresenha.com
d.tailtarget.com
2 cm.mgid.com jsc.mgid.com
2 sync.1rx.io 2 redirects
2 www.youtube.com www.flaresenha.com
2 pm.w55c.net 2 redirects
2 eb2.3lift.com 2 redirects
2 match.360yield.com 2 redirects
2 x.bidswitch.net 2 redirects
2 cdn.mgid.com www.flaresenha.com
2 fw.adsafeprotected.com 1 redirects www.flaresenha.com
2 pixel.adsafeprotected.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
2 ad.doubleclick.net www.googletagservices.com
2 r2---sn-5hnekn7k.c.2mdn.net www.flaresenha.com
2 gcdn.2mdn.net 2 redirects
2 samsung-germany.demdex.net 1 redirects 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
2 rtb0.doubleverify.com cdn.doubleverify.com
2 t.teads.tv www.flaresenha.com
2 z.cdn.trafficdok.com cdn.fsmads.biz
2 www.google-analytics.com www.flaresenha.com
www.google-analytics.com
2 a.teads.tv www.flaresenha.com
a.teads.tv
2 jsc.mgid.com www.flaresenha.com
jsc.mgid.com
2 controle.flaresenha.com www.flaresenha.com
2 fonts.googleapis.com www.flaresenha.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 tpsc-frc.doubleverify.com cdn.doubleverify.com
1 t.tailtarget.com
1 tt-11382-4.seg.t.tailtarget.com d.tailtarget.com
1 id5-sync.com cdn.id5-sync.com
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 ads.pubmatic.com jsc.mgid.com
1 cdn.id5-sync.com jsc.mgid.com
1 sync.targeting.unrulymedia.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 tps.doubleverify.com cdn.doubleverify.com
1 rr4---sn-5hne6nzd.googlevideo.com www.flaresenha.com
1 ssbsync.smartadserver.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 r.turn.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 m.exactag.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 servicer.mgid.com jsc.mgid.com
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 pixel-sync.sitescout.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 www.gstatic.com www.flaresenha.com
1 c.mgid.com jsc.mgid.com
1 r2---sn-5hnednsz.c.2mdn.net www.flaresenha.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 pfa.levexis.com 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 call.cleverwebserver.com www.flaresenha.com
1 www.google.de www.flaresenha.com
1 tags.t.tailtarget.com www.flaresenha.com
1 www.googletagmanager.com tags.juicebarads.com
1 fundingchoicesmessages.google.com tags.juicebarads.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ip-api.igaming-service.io intersc.igaming-service.io
1 ui.cleverwebserver.com www.flaresenha.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 data.gblcdn.com www.flaresenha.com
1 intersc.igaming-service.io www.flaresenha.com
1 z.cdn.fsmads.biz cdn.fsmads.biz
1 scripts.cleverwebserver.com www.flaresenha.com
1 lpgs.chatbro.com www.flaresenha.com
1 cdn.fsmads.biz www.flaresenha.com
1 tags.juicebarads.com www.flaresenha.com
0 www.googleadservices.com Failed
584 107
Subject Issuer Validity Valid
flaresenha.com
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.tags.juicebarads.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-11 -
2023-08-11		 a year crt.sh
controle.flaresenha.com
R3		 2022-12-12 -
2023-03-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
teads.tv
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
fsmads.biz
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
cleverwebserver.com
Cloudflare Inc ECC CA-3		 2022-09-06 -
2023-09-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.igaming-service.io
Sectigo RSA Domain Validation Secure Server CA		 2022-07-25 -
2023-08-05		 a year crt.sh
*.cdn.trafficdok.com
Go Daddy Secure Certificate Authority - G2		 2022-04-07 -
2023-04-07		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-10 -
2023-07-10		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
pfa.levexis.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-18 -
2024-01-25		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-11		 2 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh

This page contains 57 frames:

Primary Page: https://www.flaresenha.com/
Frame ID: 1FF3674E559BEBA2FFD55F834CA627A6
Requests: 168 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 94CC74E2A0B7F5FE47539DA4CF800D4D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
Frame ID: CCB6CB9AC5EC32DE67D8EB73661EF394
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYArPincbDsAtMKtUx4eXISLKfhZYzKYTh9sxxCTNuR0zcsz5CJnOqRyK4q5sJRJo3SoDrun5FxQZsUJlfH14-qhdXHYxUute9mG8sPZJZ_FVxogxHAAKXWNIsK1hN5b_zzDUC05Pd4wqg3J4pXCFvDtwzJ_ASMbrYwxgNlIzo0KqKE3XYh49g2ukKVZuK9MPsUUdQykfs2SsBqozrO0vZjXscM9YYrWTb84sPIF_sqFWmrnVUiUxIsUZQosJH0wQNG7skdxVA1M0Hk7PBKnHakZ7zc8_uUaSmIg65vptp6TktGRLVCmSSh5BTEWK-Kw6_ixjVAh5NabNhA6b3xg&sai=AMfl-YQSzRINXy5hzlO2QmgttF69vhVkPBY4G4owdGpbjSizqAOFik_T-D7y6a5XT-yTkU0w0Pea6-QpNMmvyVoCfSJu5jIdFE8CHVu8tEhDRJ6VW-5zQ9xY8nL9uM6t1k_TX4rN1YniqUQ1nj8-lTg&sig=Cg0ArKJSzP3qr3y-iSRJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B4883F44DA1970AB5346EB1873C9DDC4
Requests: 2 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F7D9846EA5148EF5603D21F67ECFF9B3
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1675862330&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.flaresenha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675862329693&bpp=6&bdt=1061&idt=542&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D681ed6fb97d6f13a%3AT%3D1675862329%3AS%3DALNI_Mb1isc5YIOTHVcxf0WMwXA3hQF_CQ&gpic=UID%3D00000bb282e04c01%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_Mawvt2QLKtcDywgWr8BHacoHulaFg&nras=1&correlator=1636428821851&frm=20&pv=2&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1487383016189401&tmod=744123798&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=609
Frame ID: B62ABC72E90A1ED6181B49517AA3D2CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Frame ID: EA5DAF29E2FC77F8162FE7CBD817DABD
Requests: 5 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 05E7C3BE0FB26E6467B4CA12BD2B0083
Requests: 25 HTTP requests in this frame

Frame: https://sync.teads.tv/wigo-no-slot
Frame ID: A882FD80EE30E10A01F46AE79B7E4B55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Frame ID: 8DB839BA37D8F87257DE8E8B69EC4F13
Requests: 5 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02794F68CC9B52388FA9BC7E2BED272D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYi_7m3wEwAQ&v=APEucNWawlxy712WNdQzPnvA7pSvZoYohsdM20aloHUuWhGBrUrXUYjza4pi5RoqWhNk--nxLqqvHRnuWUDWiVlrgjTUikvFDr1Xoxpgayw27F7xK19K8JbOXxNvxh7Znb9n0ZaauoMh1wpCcSbunWwu-2EBgvRJ9Euj26eThuFr_FWWfKoViRw
Frame ID: 545937285F72505F20AA083CF09BE1A8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 690AB99E375E744F0ECBE3064C39D57E
Requests: 20 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2064A757FECB93210AD78799005A2BFB
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30FC54C8AC8BAF75FE33A17C2683D9C4
Requests: 3 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 943C430A9ABDFD4BC45E9032A23DFB65
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D69367A4107119FE8BA993DFBB4292AB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Frame ID: 0956E54D21522FFD39DE300DC1208628
Requests: 5 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 85F99DC6C0EB50EC46FA70CAF920B523
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
Frame ID: CD991BB5B3FA188F091540DF4B3018B3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 99D8987CF34F5BECEA10AE481898FEDB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Frame ID: E6C8803406F88A5DD29724C2B7C8180D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C42E616B897E17E4390FA783FB1EE317
Requests: 3 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8AF6988D34D56F217FD0A141046A13EF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Frame ID: 8DAA370AEC8E5C867425551C52B11E16
Requests: 5 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 436513CFC9070D588BF3913DE4F8E0DF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Frame ID: D1E98825D01324A29CA4458A21D266BB
Requests: 19 HTTP requests in this frame

Frame: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E56F9C2E613AE32260BA913EAB14D2A
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Frame ID: B94849FD799081C21445DCCA936A08B0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D68B536ECE5E7F3916D45B875F337A23
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Frame ID: 7F32EA541B6D88F9C4692E7225959F70
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Frame ID: 1C0E410A4FCA10FA0F3E1E816D8F5B0B
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E437828582A2E3B70137D7335F1C4430
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: C6FFF4AD3F5EB511C540F6AB1478234F
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 922B264473E6A73D431B5EFC52000E2E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 372BA26891051423861E787C1BF5A523
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 4FD703EA83FA376150C25C21C58CE08C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 883C0FA11B0B8074F4D10C79E58975A0
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D8AE0D44D6FC4433BE40C55B6DDF25EB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0EF2AA90316A4DB961D70199D13F5603
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
Frame ID: 96F632F609B2E81C715FA963F8537007
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 607995E432539980449492E4C2AAB6C1
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Frame ID: 220FE25A325A0EC73AD43820E41AA8FB
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DE8A31F70951A77187E414DFAECFE54
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 916A032535CFF145BE4561918B959318
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C7120AB766D578FA954DD841E08BE7FD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D1ABEE340910D02AA910A4F974D04F7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 4D086A1530BC9476F6508888D4944857
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 757E04995A40B820397FB702D9AD242F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Frame ID: 729644F1642E21F291614C98438AFA45
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DF786964C9221C00D39C918A6A22FFD7
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3508.js
Frame ID: 0B2896F6B571EBD1A835F3B67AD55DA6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8C0C99728A45EC774669EE1CF5B652D9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 696FAA3C3B22028AEBAA6AE5E4A73110
Requests: 3 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1675862336269400507366
Frame ID: 435D3DA6DDC7E6311B347DF4D8837651
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2DD93B46F92DC3B32ECB4F5DC94D9E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48385A6C63A6839F0BDBE0D46271FD3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fla Resenha | Flamengo

Page URL History Show full URLs

  1. http://www.flaresenha.com/ HTTP 301
    https://www.flaresenha.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

584
Requests

90 %
HTTPS

43 %
IPv6

57
Domains

107
Subdomains

68
IPs

11
Countries

10938 kB
Transfer

21677 kB
Size

67
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.flaresenha.com/ HTTP 301
    https://www.flaresenha.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1
Request Chain 119
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1&google_hm=2
Request Chain 120
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEWpd_gJa5JYQ8BOauN93L8&google_cver=1
Request Chain 121
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHcp77jlsNJ6vXDySIjZxoQ&google_cver=1
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBfmNJKjGlUDnrHGawliafQ&google_cver=1
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1&__user_check__=1&sync_id=20fd5cf3-a7b3-11ed-977c-1d03a5b20206
Request Chain 176
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=20f7a66a-a7b3-11ed-a4af-153cf9b00406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjBmN2E2MjEtYTdiMy0xMWVkLWE0YWYtMTUzY2Y5YjAwNDA2
Request Chain 177
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1XZXBmNlFsRTJ1RzAwdms0Y2tfelRpQm9xR1ZCSUlYX35B
Request Chain 218
  • https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847 HTTP 302
  • https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847
Request Chain 222
  • https://gcdn.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/3AEA521CC5DFC6742FEE24FE5EB55D802AF44B1E.6A98AA69817725E01C4B39E2C273DD7B0A0353F/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/845054817CC9DA2E7A31548D1B16BB2472950510.763BCB19012056B76EDDC340EE16D45A130AAC60/key/cms1/cms_redirect/yes/mh/Ke/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1
Request Chain 228
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1&google_hm=2
Request Chain 229
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGI_ybMzB6olkOSc5DdBU2w&google_cver=1
Request Chain 230
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Request Chain 276
  • https://gcdn.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B694CCC5CF1E4A2F05677C796BBC58ED32F46B32.0A96930AFAA22718BC40364F590B6F63A33E37E5/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-5hnednsz.c.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/46E42B4039E980C6D42B798C6BD706CB847873E3.343A4CE7E12F729527F9C45853E985AD08547803/key/cms1/cms_redirect/yes/mh/sN/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1
Request Chain 295
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1&google_hm=2
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIrEw9LstIZfBjPdKG67I4M&google_cver=1
Request Chain 297
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Request Chain 339
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Request Chain 341
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Request Chain 359
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Request Chain 361
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Request Chain 384
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEUN0FLv8xW_0g9AHQZ3dVc&google_cver=1&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-PM1eh5PnyoHJj HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KMK1mjRnQl-k0Vk4owEMRQ2&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-PM1eh5PnyoHJj
Request Chain 385
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECnZ8yRmEzQUt645o9p7gOw&google_cver=1&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECnZ8yRmEzQUt645o9p7gOw&google_cver=1&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY&google_hm=1m0D7qtFRG-ZN-VTdwwosQ==
Request Chain 386
  • https://match.360yield.com/match/ebda?google_gid=CAESEKniTfI2cnjHEn_AKKVrq_g&google_cver=1&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IFquiU7J HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKniTfI2cnjHEn_AKKVrq_g&google_cver=1&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IFquiU7J HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CohpvaW6SFiwVixCZBYfwA&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IFquiU7J
Request Chain 387
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHT59Sj0jVXGBBRQng_Bm8I&google_cver=1&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL&google_gid=CAESEHT59Sj0jVXGBBRQng_Bm8I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMzk2MTI0MTYzNjAxNzg1MzE3NA%3D%3D&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL
Request Chain 391
  • https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_PKHjY7GTNIOkgQeq1YCwCA&cbFunctionName=goog_wrapCb_PKHjY7GTNIOkgQeq1YCwCA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.flaresenha.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.flaresenha.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:6aed40d4-362c-749e-7fe4-618707a7622e,c:3Dr603,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-8kjjr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:4,mot:0,app:0,maw:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C163%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g1*.990511-61634094%7C1g11%7C1h1%7C1i%7C1j,idMap:1g1*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:29,oid:222e2f4a-a7b3-11ed-9949-8e237bfffa42,v:19.8.390,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 426
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFe0bkmQX9fxe8Zs2Eyh-MI&google_cver=1&google_push=Aa02lx-G-RD8OxGQ7BnHKw0jxUo1bYvZ5wndlJVGSYXQj1A0YwYY8btRsyXIGuOhoX5eo3qjindKt4y50ChEBD37tf9PDET-rzR5ug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NjM1OTQyMTM5Mjg5NjU3OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ7DCmd-KbsT5PdySJT8TYo&google_cver=1
Request Chain 427
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBWLvLGVejZ0AHrD2ISUttD9EkMXbHlAXqtlnGxD--7F9fh0X-uRHhx2 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBWLvLGVejZ0AHrD2ISUttD9EkMXbHlAXqtlnGxD--7F9fh0X-uRHhx2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SHZldnF6T0MxUHBLbEU1&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBWLvLGVejZ0AHrD2ISUttD9EkMXbHlAXqtlnGxD--7F9fh0X-uRHhx2
Request Chain 428
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI
Request Chain 429
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECfFTrOAfoNiVTLEHwprOgI&google_cver=1&google_push=Aa02lx-h8v9rbStyt92pbQmpI7b_33-LykwyMM-1iuKejjy_7XlDVsRsc3DYDFFKOc_y-ROuVm2sT8aNlq_HVkdqIBOHfZ3NvU_ifQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECfFTrOAfoNiVTLEHwprOgI&google_cver=1&google_push=Aa02lx-h8v9rbStyt92pbQmpI7b_33-LykwyMM-1iuKejjy_7XlDVsRsc3DYDFFKOc_y-ROuVm2sT8aNlq_HVkdqIBOHfZ3NvU_ifQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PnZsx9x_Ryyrza7PSMv74Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-h8v9rbStyt92pbQmpI7b_33-LykwyMM-1iuKejjy_7XlDVsRsc3DYDFFKOc_y-ROuVm2sT8aNlq_HVkdqIBOHfZ3NvU_ifQ
Request Chain 430
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_cver=1&google_push=Aa02lx-ahpchiHjqOojGsJw9Z5zgmLjaEiAlUp7uc2Zm5xmkvUmmeHLPA-eYinY5qPwK90s0GLZzFHzhqj-8v9tFhc7HTmcbbZydsQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_hm=Y-OhOpYZgdQZ0MvM4CvzGQAABI8AAAIB&google_nid=index&google_push=Aa02lx-ahpchiHjqOojGsJw9Z5zgmLjaEiAlUp7uc2Zm5xmkvUmmeHLPA-eYinY5qPwK90s0GLZzFHzhqj-8v9tFhc7HTmcbbZydsQ
Request Chain 431
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2KclVvLniqpSU547arA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2KclVvLniqpSU547arA
Request Chain 432
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx9meAr8bo4R16IJg57aJdxIRaGr4LJpWruYAJUo2LsSHetpy7QWlvV46_YMGBnZoI8Pp9azzT9Ii7cdeAulJc8_EWQFkTWwtPY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9meAr8bo4R16IJg57aJdxIRaGr4LJpWruYAJUo2LsSHetpy7QWlvV46_YMGBnZoI8Pp9azzT9Ii7cdeAulJc8_EWQFkTWwtPY HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 439
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ3vTUaP04-jHNAFOx3bBF8&google_cver=1&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-XbhiPyBJ02NvbidkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-XbhiPyBJ02NvbidkA
Request Chain 440
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE70Q4rWzGPZgMHtDqdIfao&google_cver=1&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjplBnEWzw0Q8i6Vx6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5Nzc3MzkxNzEzNzkyNjI4NQ%3D%3D&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjplBnEWzw0Q8i6Vx6w
Request Chain 441
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q
Request Chain 442
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECfFTrOAfoNiVTLEHwprOgI&google_cver=1&google_push=Aa02lx-zAbsPtvdV03DJgdG3NK5OFaNHAP46FBOKuSvBraxC_eVLaXUTadD9OWf0Tjg1IoYIdHZAnkwDLJtu3tIKCl0w3PGxCTnl6Q HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECfFTrOAfoNiVTLEHwprOgI&google_cver=1&google_push=Aa02lx-zAbsPtvdV03DJgdG3NK5OFaNHAP46FBOKuSvBraxC_eVLaXUTadD9OWf0Tjg1IoYIdHZAnkwDLJtu3tIKCl0w3PGxCTnl6Q&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-zAbsPtvdV03DJgdG3NK5OFaNHAP46FBOKuSvBraxC_eVLaXUTadD9OWf0Tjg1IoYIdHZAnkwDLJtu3tIKCl0w3PGxCTnl6Q
Request Chain 444
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELJ0vwfvyJTgkQIXsyR7aHw&google_cver=1&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZUzvllFHwpQRPuzQeYdfBBSkGdVc51CZ8r6bVlsPQvMONMk0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZUzvllFHwpQRPuzQeYdfBBSkGdVc51CZ8r6bVlsPQvMONMk0
Request Chain 445
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx_VsywKiNuMFXrzFwfPDQJCO7vUytqd4bo8kYM7TK1bf0QozoU-LShLQpeQH2uaLQZ5XoDoU67i6UWBo6Q2fSiWP1YXUFWn61M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_VsywKiNuMFXrzFwfPDQJCO7vUytqd4bo8kYM7TK1bf0QozoU-LShLQpeQH2uaLQZ5XoDoU67i6UWBo6Q2fSiWP1YXUFWn61M HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 540
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 541
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMrL3WbUhtJDC_PjZr28hxY&google_cver=1&google_push=Aa02lx_u9ufgE48bbCcYsIB8YZqI8RHXMsxUocBCSihRANdGHODoE2PUxU6u-k-D6dxq0tP2Oyx19nA5BmLBqmydhL2KmCUzU2Mp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMrL3WbUhtJDC_PjZr28hxY&google_push=Aa02lx_u9ufgE48bbCcYsIB8YZqI8RHXMsxUocBCSihRANdGHODoE2PUxU6u-k-D6dxq0tP2Oyx19nA5BmLBqmydhL2KmCUzU2Mp
Request Chain 542
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOXINBePrtJZVfy0NuI8lY4&google_cver=1&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT5WllrDweKGcQWKSvX HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT5WllrDweKGcQWKSvX&google_hm=BkvfAFl2SqibGI0jSbVN-aU
Request Chain 543
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEECRJZLPUj5ajUjCA5pukLo&google_cver=1&google_push=Aa02lx-fzzF-Jw49R1FqkMCohYvZ7x0ZUxGN-0hCgG8efVO71HLGm3fO2u9WxJbabBoqvSGdEi8Iput8eM8sOsSyXVdQKhIQAzU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-fzzF-Jw49R1FqkMCohYvZ7x0ZUxGN-0hCgG8efVO71HLGm3fO2u9WxJbabBoqvSGdEi8Iput8eM8sOsSyXVdQKhIQAzU
Request Chain 544
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJGZgCzcaOxWcQ6istUAQHg&google_cver=1&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz34NcLL7akJz8HarJL7MMzPJBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERWUDVZRzEtMjAtVDdF&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz34NcLL7akJz8HarJL7MMzPJBA
Request Chain 545
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN6QRsjme1KSCO58hhOemGI&google_cver=1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675862336156 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c0f7b43e-ac56-45a8-aafe-309e9a1fe7d6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts%26google_hm%3DA8D3tD6sVkWoqv4wnpof59Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&google_hm=A8D3tD6sVkWoqv4wnpof59Y
Request Chain 546
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJiDzOFqQkPGqjZpoLYKuqk&google_cver=1&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXaFJi4EkbBJz11u2GsWpnqlV5xZ26OZjLyF6iABqu_HeN-g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXaFJi4EkbBJz11u2GsWpnqlV5xZ26OZjLyF6iABqu_HeN-g
Request Chain 591
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=COvM1PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcuNFqcnJV9kdKxQXX16uMa2e4Jr5oX-Tuu-ipyLefibArq0t9rTB8kcArOEZ9cAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxsQmg24Wu3dm7r4AKA5gLAcgLAdALDrgMAZoNAQ7YEwvQFQHiFgIIAfgWAYAXAQ&num=1&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&sig=AOD64_3SQAyEStShYhcKulh0a8wfnVMlXg&client=ca-video-pub-2845463438153782&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=https://adriacamps.com/de/mobilehome-interes/mobilheime-fruehbucher-angebote/%3Futm_term%3D%26utm_campaign%3DSales-Performance%2BMax-AC-DE%252BAT-CH%26utm_source%3Dadwords%26utm_medium%3Dppc%26hsa_acc%3D1474186652%26hsa_cam%3D19163470524%26hsa_grp%3D%26hsa_ad%3D%26hsa_src%3Dx%26hsa_tgt%3D%26hsa_kw%3D%26hsa_mt%3D%26hsa_net%3Dadwords%26hsa_ver%3D3&ctype=110&label=video_10s_engaged_view&ad_mt=10160&acvw=sv%3D947%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26p0%3D9199,802,9379,1122%26p1%3D9110,802,9290,1122%26p2%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10149%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2612%26pst%3D691%26dur%3D15092%26vmtime%3D10160%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26i2%3D33554450%26cs%3D33559058%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D50%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D14864%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675862334567 HTTP 302
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CVTMjPaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcuNFqcnJV9kdKxQXX16uMa2e4Jr5oX-Tuu-ipyLefibArq0t9rTB8kcArOEZ9cAEnOTi-pkE4AQBwAVuoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxmglNaHR0cHM6Ly9hZHJpYWNhbXBzLmNvbS9kZS9tb2JpbGVob21lLWludGVyZXMvbW9iaWxoZWltZS1mcnVlaGJ1Y2hlci1hbmdlYm90ZS-xCaDbha7d2buvgAoDmAsByAsB0AsOuAwBmg0BDtgTC9AVAeIWAggB-BYBgBcB&num=1&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&client=ca-video-pub-2845463438153782&ctype=110&label=video_10s_engaged_view&ad_mt=10160&acvw=sv%3D947%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26p0%3D9199,802,9379,1122%26p1%3D9110,802,9290,1122%26p2%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10149%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2612%26pst%3D691%26dur%3D15092%26vmtime%3D10160%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26i2%3D33554450%26cs%3D33559058%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D50%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D14864%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0,fmd:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675862334567&dblrd=1&sig=AOD64_1zgJPs4rBxrHAGhEQPbx6oX-g2og&adurl=https://adriacamps.com/de/mobilehome-interes/mobilheime-fruehbucher-angebote/%3Futm_term%3D%26utm_campaign%3DSales-Performance%2BMax-AC-DE%252BAT-CH%26utm_source%3Dadwords%26utm_medium%3Dppc%26hsa_acc%3D1474186652%26hsa_cam%3D19163470524%26hsa_grp%3D%26hsa_ad%3D%26hsa_src%3Dx%26hsa_tgt%3D%26hsa_kw%3D%26hsa_mt%3D%26hsa_net%3Dadwords%26hsa_ver%3D3

584 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.flaresenha.com/
Redirect Chain
  • http://www.flaresenha.com/
  • https://www.flaresenha.com/
350 KB
73 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
86b9a9d53a13316c19fbdc32a1aba1995fa843ad69e91596d697b7984e706c75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 08 Feb 2023 13:18:48 GMT
expires
Wed, 08 Feb 2023 13:19:48 GMT
link
<https://www.flaresenha.com/wp-json/>; rel="https://api.w.org/" <https://www.flaresenha.com/wp-json/wp/v2/pages/187>; rel="alternate"; type="application/json" <https://www.flaresenha.com/>; rel=shortlink
server
nginx/1.20.2
vary
Accept-Encoding Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
169
Content-Type
text/html
Date
Wed, 08 Feb 2023 13:18:48 GMT
Location
https://www.flaresenha.com/
Server
nginx/1.20.2
wp-emoji-release.min.js
www.flaresenha.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 14:47:54 GMT
server
nginx/1.20.2
etag
W/"63c8069a-48b9"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
style.min.css
www.flaresenha.com/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 15:07:34 GMT
server
nginx/1.20.2
etag
W/"63c80b36-172a9"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
classic-themes.min.css
www.flaresenha.com/wp-includes/css/ 		217 B
414 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
last-modified
Wed, 18 Jan 2023 15:07:34 GMT
server
nginx/1.20.2
etag
"63c80b36-d9"
vary
Accept
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
content-length
217
expires
Wed, 15 Feb 2023 13:18:48 GMT
js_composer.min.css
www.flaresenha.com/wp-content/plugins/js_composer/assets/css/ 		474 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.9.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 12:47:07 GMT
server
nginx/1.20.2
etag
W/"633d7ccb-76891"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
front.min.css
www.flaresenha.com/wp-content/plugins/cookie-notice/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 15:06:28 GMT
server
nginx/1.20.2
etag
W/"63c80af4-14d6"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 13:13:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 13:18:48 GMT
frontend.min.css
www.flaresenha.com/wp-content/themes/jnews/assets/dist/ 		584 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
4095a4b2df08c930bd39079b21d8825f80a9062ae2eb4734972a8a0a01dd9de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-92016"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
js-composer-frontend.css
www.flaresenha.com/wp-content/themes/jnews/assets/css/ 		3 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/css/js-composer-frontend.css?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-bb7"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
style.css
www.flaresenha.com/wp-content/themes/jnews/ 		427 B
517 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/style.css?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
10d087795ec22a6aca155419bbe23614b0000231fb175829b76c8d4559c46e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-1ab"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
darkmode.css
www.flaresenha.com/wp-content/themes/jnews/assets/css/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-b6ae"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
scheme.css
www.flaresenha.com/wp-content/themes/jnews/data/import/news/ 		619 B
570 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/data/import/news/scheme.css?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9029f73a96c2d4c217f576b0112e4904b012dac75a997fae34508f2c8be7848c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-26b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
jquery.min.js
www.flaresenha.com/wp-includes/js/jquery/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 15:07:36 GMT
server
nginx/1.20.2
etag
W/"63c80b38-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
jquery-migrate.min.js
www.flaresenha.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 14:47:54 GMT
server
nginx/1.20.2
etag
W/"63c8069a-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c39f86a593b09dcbb4e29d5344859c1267151bb116ed67a4a77f1e5e0e225e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27248
x-xss-protection
0
server
sffe
etag
"1476 / 702 of 1000 / last-modified: 1675857979"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Feb 2023 13:18:48 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bccb40c86c8ca6f7b81777c5614cc7fd3ea1346fed819e44efb21312470f43a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49653
x-xss-protection
0
server
cafe
etag
7373427627238595019
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:49 GMT
flaresenha.js
tags.juicebarads.com/js/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.juicebarads.com/js/flaresenha.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.238.70 , Brazil, ASN28209 (Under Servicos de Internet Ltda, BR),
Reverse DNS
br42.serverdo.in
Software
nginx/1.20.1 /
Resource Hash
729a7b16cb901a8ec09432e92a332633a045124ad52cd8b012219c10fbc0b817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:19:09 GMT
content-encoding
gzip
last-modified
Mon, 21 Nov 2022 13:54:54 GMT
server
nginx/1.20.1
etag
W/"637b832e-b3e8"
vary
Accept-Encoding
content-type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125826
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:48 GMT
Urubu-Preto.png
controle.flaresenha.com/wp-content/uploads/2020/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.flaresenha.com/wp-content/uploads/2020/06/Urubu-Preto.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.12 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us250.serverdo.in
Software
nginx/1.22.1 /
Resource Hash
5026abb5780b1a184cd85e18e7221ddbde1753b597897c691aec5625aba7ef4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Thu, 18 Jun 2020 02:38:40 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"5eead3b0-2568"
content-length
9576
content-type
image/png
Urubu-Branco-2.png
controle.flaresenha.com/wp-content/uploads/2020/06/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://controle.flaresenha.com/wp-content/uploads/2020/06/Urubu-Branco-2.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
190.89.239.12 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us250.serverdo.in
Software
nginx/1.22.1 /
Resource Hash
142c617a22d3913ed0981d9fbedd455362e2642722f32cff4128d1e720572c35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Thu, 18 Jun 2020 14:28:50 GMT
server
nginx/1.22.1
accept-ranges
bytes
etag
"5eeb7a22-24dc"
content-length
9436
content-type
image/png
jeg-empty.png
www.flaresenha.com/wp-content/themes/jnews/assets/img/ 		70 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
"63646abe-46"
vary
Accept
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
70
expires
Wed, 15 Feb 2023 13:18:49 GMT
juicebarads.flaresenha.com.1374018.js
jsc.mgid.com/j/u/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b587f9fccdcf122342227870c7576d25874b01a22c31a057ca6d0536010d9ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
x-amz-version-id
8oWGDqcVq0rg8OPYCavbwnIA_f3uzqcU
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
3CMZ9ZEQKGASFNWC
cf-polished
origSize=2684
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
JXT8YIDVwn7cArdgNR3qs/JoeMB3AL7Nfn+8Qmvju34845a6KC/ElYPYpL1Xm+/tbmaxQsEV05c=
cf-bgj
minify
last-modified
Thu, 22 Dec 2022 14:01:40 GMT
server
cloudflare
etag
W/"210711402654eb21eb0c6e44c1410d87"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7964a746cf9c30ca-FRA
expires
Wed, 08 Feb 2023 16:18:49 GMT
tag
a.teads.tv/page/122572/ 		711 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/122572/tag
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8fa27b9279ad366f04dbd20e554944252e67d941883166b9a79a30ca42a44dd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
452
expires
Wed, 08 Feb 2023 14:18:49 GMT
v4-shims.min.css
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 		34 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/v4-shims.min.css?ver=6.9.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
W/"633d7ccc-865f"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
all.min.css
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/ 		55 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
W/"633d7ccc-dc69"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
text/css
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
comment-reply.min.js
www.flaresenha.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 14:47:54 GMT
server
nginx/1.20.2
etag
W/"63c8069a-ba5"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
photoswipe.js
www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/photoswipe.js?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1a3ae8e02f48b4c2384be545382225ae5e1baeb0b502595c0c424d94153266f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-7ab5"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
photoswipe-ui-default.js
www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/js/photoswipe/photoswipe-ui-default.js?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2f659d1127e229da4e21081430f10f98cbf39dd97c1af26ca8fc35bd98a0f2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-25f7"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
hoverIntent.min.js
www.flaresenha.com/wp-includes/js/ 		1 KB
942 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 14:47:54 GMT
server
nginx/1.20.2
etag
W/"63c8069a-5db"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
imagesloaded.min.js
www.flaresenha.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 14:47:54 GMT
server
nginx/1.20.2
etag
W/"63c8069a-15fd"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
frontend.min.js
www.flaresenha.com/wp-content/themes/jnews/assets/dist/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=10.8.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
08cb37d18c2c7fc6d4202a2b5e14c95b8c6891bd2283b4a6b0486c6bb8672288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
W/"63646abe-4a48b"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
front.min.js
www.flaresenha.com/wp-content/plugins/cookie-notice/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.5
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 18 Jan 2023 15:06:28 GMT
server
nginx/1.20.2
etag
W/"63c80af4-222e"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
js_composer_front.min.js
www.flaresenha.com/wp-content/plugins/js_composer/assets/js/dist/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
619ae81b00bc325e12926c7636579808760d1446ecb533288c04517e7efe25eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
W/"633d7ccc-5def"
vary
Accept-Encoding, Accept-Encoding, Accept
content-type
application/javascript
cache-control
max-age=604800
expires
Wed, 15 Feb 2023 13:18:49 GMT
embed.js
www.chatbro.com/ 		520 KB
103 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.chatbro.com/embed.js?eyJlbWJlZENoYXRzUGFyYW1ldGVycyI6W3siZW5jb2RlZENoYXRJZCI6IjEzOFhyIn1dLCJsYW5nIjoiZW4tVVMiLCJuZWVkTG9hZENvZGUiOnRydWV9
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ca4b5522ca30deee66641c79ce1b695cd4c7dbc19940a07345406cc1da96f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 08 Feb 2023 01:00:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pv6D50mic0JdcG6%2F2e027i9JBoQehmqUv5RTo3k6Pl8l96WZLMXujfJ2mPCpO0tISgN7bZWzbqgsTYhJpR9KHpqvVVGBk323yNXlHvLzHVZ77%2F2rVMRGWyPT5fsBi54l7KeoRE%2B09gWWCS3xmdU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
public, max-age=31536000, s-maxage=200
access-control-allow-credentials
true
cf-ray
7964a745bc763a7e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2023020201.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 07 Feb 2023 19:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64832
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132430
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:36:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Feb 2024 19:18:17 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		398 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89103fc410a9dc045f6e922db7c983611e7eebc27bb41f5e902b58507dedeb6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:49 GMT
preloader.gif
www.flaresenha.com/wp-content/themes/jnews/assets/dist/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
"63646abe-112f"
vary
Accept
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
4399
expires
Wed, 15 Feb 2023 13:18:49 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options
nosniff
age
52144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 22:49:45 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 15:23:02 GMT
x-content-type-options
nosniff
age
165347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 15:23:02 GMT
fontawesome-webfont.woff2
www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
"63646abe-12d68"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://www.flaresenha.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
77160
expires
Wed, 15 Feb 2023 13:18:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3Aregular%2C500%2C700%2C700%2C500&display=swap&ver=1.2.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options
nosniff
age
178193
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 11:48:56 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100%7C336x280&ifi=1&adks=642320469&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-pos1&sc=1&cookie_enabled=1&abxe=1&dt=1675862329432&lmt=1675862329&dlt=1675862328631&idt=713&adxs=19&adys=458&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=338x0&msz=338x0&fws=4&ohw=338&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f51567dde53977ea68f87bb5e03881c44e556e838deac5f79ed34c7c363f9867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10450
x-xss-protection
0
google-lineitem-id
6170060282
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414654759
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 94CC 		0
0
vitor-pereira-750x500.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/vitor-pereira-750x500.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
42ad0032a82731094cecf27074df2c734327ad5208d630fbd5c3b56e2a68e1d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Wed, 08 Feb 2023 10:59:09 GMT
server
nginx/1.20.2
etag
"63e3807d-7e97"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
32407
expires
Wed, 15 Feb 2023 13:18:49 GMT
angelo-santos-1-750x938.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/angelo-santos-1-750x938.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
fb4dc9d14ed03e6ea9aa19de70cf01786c2ea2dd2660d2c88c6f857dcd3e6e4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Tue, 07 Feb 2023 11:58:04 GMT
server
nginx/1.20.2
etag
"63e23ccc-1b2e9"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
111337
expires
Wed, 15 Feb 2023 13:18:49 GMT
everton-cebolinha-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/07/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2022/07/everton-cebolinha-flamengo-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
2664598acea6bde8202ee012fd98ee827a525a6b2dad85813b82d8cd07e7a481

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Fri, 08 Jul 2022 03:55:26 GMT
server
nginx/1.20.2
etag
"62c7aaae-742d"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
29741
expires
Wed, 15 Feb 2023 13:18:49 GMT
angelo-santos-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/angelo-santos-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0eb3fe3a39839ff94aa2ddca739e274b3abe59d39dd6af926f17d9460f6ca31f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Thu, 02 Feb 2023 14:20:32 GMT
server
nginx/1.20.2
etag
"63dbc6b0-4196"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
16790
expires
Wed, 15 Feb 2023 13:18:49 GMT
e.js
cdn.fsmads.biz/libs/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fsmads.biz/libs/e.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
85.17.31.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ae51cf8a14c614f6de82f97fcaf7ca313be479df21d69900149947d190f22cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:49 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-XSS-Protection
1; mode=block;
Last-Modified
Wed, 25 Jan 2023 14:41:08 GMT
Server
nginx
ETag
W/"63d13f84-2431"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Access-Control-Allow-Headers
X-PINGOTHER
Expires
Thu, 09 Feb 2023 13:18:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x145%7C970x90&ifi=2&adks=3155775495&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddmh-h-destaque&sc=1&cookie_enabled=1&abxe=1&dt=1675862329477&lmt=1675862329&dlt=1675862328631&idt=713&adxs=621&adys=394&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=1200x0&msz=1200x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
436b53d7fd33c6f41b216420986b182aa1a783d44d8efdcba9e3377f704d8182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6867
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300%7C320x320%7C336x280&ifi=3&adks=1658264919&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-destaque1&sc=1&cookie_enabled=1&abxe=1&dt=1675862329518&lmt=1675862329&dlt=1675862328631&idt=713&adxs=1245&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=320x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cd2ec981ae1aed8c6cc1ee705c0a8d9c5613ca14fec9301a77e6198962277df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9699
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=4&adks=1542378214&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-destaque4&sc=1&cookie_enabled=1&abxe=1&dt=1675862329522&lmt=1675862329&dlt=1675862328631&idt=713&adxs=1245&adys=1076&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=320x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a00560193a23afe331982724b3a5b8ee12a3ba5dfce097de1914efd12f955572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7061
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100&ifi=5&adks=898704793&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-destaque5&sc=1&cookie_enabled=1&abxe=1&dt=1675862329541&lmt=1675862329&dlt=1675862328631&idt=713&adxs=425&adys=3009&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=380x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fad23fcca912c1ceff3baf2058198bd0ed894d1884f8adab567369912271c597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6848
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		74 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=2230659989&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddmh-v-destaque3&sc=1&cookie_enabled=1&abxe=1&dt=1675862329545&lmt=1675862329&dlt=1675862328631&idt=713&adxs=835&adys=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=320x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
535d38ebf60490b0f4204db7d22c144876ed3575bd79d618a250f233dcecb303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23540
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g
lpgs.chatbro.com/ 		8 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lpgs.chatbro.com/g
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15ae58361663c22fb01bc0a5def542d14b770493b2ecdca62d4dc3bd20d6e031

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOVHuwZwxVQojeRX%2BUKp5GEHg4BzbUtBCga8xTZkoKVtWsf3sHpusvOxbJtmNMqevvv837DJ78GSBKWl8w3oOFUOQb3AnZLuBakwyPgsxrYbnv6kaZct2FzEFwYyU5r%2FrcbEy5%2B4eRVIx%2BC1nhM2"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
7964a747ff543a7e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chatbro.woff
www.chatbro.com/fonts/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.chatbro.com/fonts/chatbro.woff?10
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"630e5cd2-383c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1t%2FxKOf7B%2BLHHcrY9jGttghr6b%2FF7%2FqbofZIYOIaIhaXZg0t7o9A5l9TnfaXscit%2BOdmygEPrXNVwwYXBW%2BfvXJQ7cPBXp31twdi2goTeN7d00G17LmnL2GdOpOvwbwtI2e5pB3LBhaweTgkyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7964a747ffa29b98-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 08 Feb 2023 13:28:49 GMT
chat_vk_logo.png
www.chatbro.com/images/ 		735 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chatbro.com/images/chat_vk_logo.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
197
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
735
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
server
cloudflare
etag
"630e5cd2-2df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s4qamJgCKGjM%2Fq%2FHrEV%2FQ5GiXn6FxSi0koHQPqX0s6hpy29xayXERMLNnKA4%2BkRcRVl%2BlpQSviuCKefXzUP1K6jU632RS2CSwrSoXTsXf0%2FK5br%2B8lse0%2FAWL11ACICbSvS92EJkjoddfQ%2FAFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7964a7487fe23a7e-FRA
expires
Wed, 08 Feb 2023 13:25:32 GMT
chat_telegram_logo.png
www.chatbro.com/images/ 		777 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chatbro.com/images/chat_telegram_logo.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
300
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
777
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
server
cloudflare
etag
"630e5cd2-309"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pR5CdO5w5p2SUDkVQvJ6iIiOcmft3x%2FV3NXyFFXceAfijxVEksbniUPJ1ajIA8PYs3%2BIHFWIfpUjkn0jjUPhj%2Fmw7rad27ujhVpDlLhAacuWeqR%2BZmTOM917hIUKVxvDCRuBh42eaVH3jxIwBU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7964a7487fe33a7e-FRA
expires
Wed, 08 Feb 2023 13:23:49 GMT
chat_facebook_logo.png
www.chatbro.com/images/ 		329 B
661 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chatbro.com/images/chat_facebook_logo.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
329
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
server
cloudflare
etag
"630e5cd2-149"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrtJJpispMYih%2BJc%2BGiAaIoMgjBa%2BDOq%2FB%2BJ0JJEjmwZC1MynBGuBb6ji2EsMH7vxxnWudqLb%2B1DqI%2F1XKLLPC8UsrAhd6JgYFrD0qNgGOUOn7oiFTkAsZFBUv4mFxgCbpQfXaQRt4LKkmZw6os%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7964a7487fe43a7e-FRA
expires
Wed, 08 Feb 2023 13:23:48 GMT
chat_google_logo.png
www.chatbro.com/images/ 		656 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chatbro.com/images/chat_google_logo.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
656
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
server
cloudflare
etag
"630e5cd2-290"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUY6BpBJfPG%2BG0afHrAww8XuXh4QKC6aphN9%2BX8Xfz29kcrBmQHHsZmPno80fFxpgAnKQhb%2BoqWgTcrSruqwk%2Bf9QDEZd0k2itHq%2FKBRTwHCk8jNJbnKLb3dcDzQ9Pk0RTMXwd5KBTOyP4dHaFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7964a7487fe53a7e-FRA
expires
Wed, 08 Feb 2023 13:24:13 GMT
no_connection.png
www.chatbro.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.chatbro.com/images/no_connection.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8325 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
207
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1614
last-modified
Tue, 30 Aug 2022 18:54:10 GMT
server
cloudflare
etag
"630e5cd2-64e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeWik6DyPUvJnC%2FMHeXqNuptsqDTA6q6kS3VjFvUDb3hsRO1i42%2BGZe%2FhU4goKtek1HFtkywjTutC0cLCk0UgRpzpHVINvw5GVjbIrRHSKS4TOO0b%2BaYr07z9ayaP5c8vIpYPetN4YB4Aqyemoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7964a7487fe63a7e-FRA
expires
Wed, 08 Feb 2023 13:25:22 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/ 		361 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5822243610880583&plah=www.flaresenha.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a7d8101fbe38aabd0075146f5301295d6789de4f6c7caf7d5b72196207bd538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121184
x-xss-protection
0
server
cafe
etag
7421580904727120287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/ Frame CCB6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30268
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
etag
10353107486223812946
expires
Wed, 22 Feb 2023 04:54:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame B488 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYArPincbDsAtMKtUx4eXISLKfhZYzKYTh9sxxCTNuR0zcsz5CJnOqRyK4q5sJRJo3SoDrun5FxQZsUJlfH14-qhdXHYxUute9mG8sPZJZ_FVxogxHAAKXWNIsK1hN5b_zzDUC05Pd4wqg3J4pXCFvDtwzJ_ASMbrYwxgNlIzo0KqKE3XYh49g2ukKVZuK9MPsUUdQykfs2SsBqozrO0vZjXscM9YYrWTb84sPIF_sqFWmrnVUiUxIsUZQosJH0wQNG7skdxVA1M0Hk7PBKnHakZ7zc8_uUaSmIg65vptp6TktGRLVCmSSh5BTEWK-Kw6_ixjVAh5NabNhA6b3xg&sai=AMfl-YQSzRINXy5hzlO2QmgttF69vhVkPBY4G4owdGpbjSizqAOFik_T-D7y6a5XT-yTkU0w0Pea6-QpNMmvyVoCfSJu5jIdFE8CHVu8tEhDRJ6VW-5zQ9xY8nL9uM6t1k_TX4rN1YniqUQ1nj8-lTg&sig=Cg0ArKJSzP3qr3y-iSRJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:49 GMT
7f5667890e56de28cb734293df7d2c73.js
scripts.cleverwebserver.com/ 		124 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.cleverwebserver.com/7f5667890e56de28cb734293df7d2c73.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff39d152a05c1657f5a722c7c7a1b991b5f39c6c59bb8aa4541273b7139dd1d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
x-amz-version-id
zJHRyfmPQDT.9mOruiGRLz4q0EWjhjcz
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 27 Dec 2022 16:57:29 GMT
server
cloudflare
x-amz-request-id
0KKKGKFS4PRM1XMA
etag
W/"267c8242acbb43c5f7fafee56e90dc3b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7964a749bfdc2c6d-FRA
x-amz-id-2
IDqYNrO14iCe52hVylhYCucYFJLQ9M2Wi1cXqS63oGT7EFMXkZjKTLN+tYkGyhxVpK4zfY2n1Sk=
expires
Wed, 08 Feb 2023 13:48:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B488 		0
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100&ifi=8&adks=2756730836&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-v-destaque3&sc=1&cookie=ID%3D54334847aa02f026%3AT%3D1675862329%3AS%3DALNI_MY2SPOSbnkId0-i78A3VsRUCUpuaA&gpic=UID%3D00000bb284becc38%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MaZMqId2lcVen186aKIkvfdxukHjg&abxe=1&dt=1675862329848&lmt=1675862329&dlt=1675862328631&idt=713&adxs=425&adys=3973&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=380x0&msz=380x0&fws=0&ohw=0&psts=AD37Y7s_OG0G1agQyc0OVRj4G_g4ecaOWGgw-6F_S21uAXc8OUc3idEBDAS9soMd8n9OOOmSV2308RmBOg5d14zKIQ&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
693c52167965842cd438402afcedea02f31996bf37f7933ea521e239696bc4b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8058
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jegicon.woff
www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/ 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

Referer
https://www.flaresenha.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=10.8.0
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Fri, 04 Nov 2022 01:28:30 GMT
server
nginx/1.20.2
etag
"63646abe-1be8"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff
access-control-allow-origin
https://www.flaresenha.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
7144
expires
Wed, 15 Feb 2023 13:18:49 GMT
load
z.cdn.fsmads.biz/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.fsmads.biz/load?z=1326395243&div=zone_1326395243&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2653&pl=3&mi=4&me=8&hc=4&n=1675862329861&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=1698083176
Requested by
Host: cdn.fsmads.biz
URL: https://cdn.fsmads.biz/libs/e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
85.17.31.162 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:49 GMT
Cache-Control
no-cache, must-revalidate
Server
nginx
Connection
keep-alive
P3P
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
juicebarads.flaresenha.com.1374018.es6.js
jsc.mgid.com/j/u/ 		655 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
678d5f8da302302c288be75b8a7b97403fcf5810c8b364c21104166560e29b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
x-amz-version-id
cw.MDEA5Crc4lqjpNvALptYtZ9t310uX
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
0N490C7TNGPKS59X
cf-polished
origSize=670819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OkAHIPV/vRpOrUrAHHmrJ8ip8qiZJFDP78DxTAnp4vVEBMRGpzq7CNydqYby2/3aOU7Rf3gLZMo=
cf-bgj
minify
last-modified
Thu, 26 Jan 2023 11:24:38 GMT
server
cloudflare
etag
W/"522bcfdbb9a127a02de01ded63722e9c"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7964a749bc0330ca-FRA
expires
Wed, 08 Feb 2023 16:18:50 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		22 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=9&adks=1071603857&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-sticky&sc=1&cookie=ID%3D54334847aa02f026%3AT%3D1675862329%3AS%3DALNI_MY2SPOSbnkId0-i78A3VsRUCUpuaA&gpic=UID%3D00000bb284becc38%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MaZMqId2lcVen186aKIkvfdxukHjg&abxe=1&dt=1675862329887&lmt=1675862329&dlt=1675862328631&idt=713&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=640&ohw=0&psts=AD37Y7s_OG0G1agQyc0OVRj4G_g4ecaOWGgw-6F_S21uAXc8OUc3idEBDAS9soMd8n9OOOmSV2308RmBOg5d14zKIQ&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bc4bec5aa587ed13e12d557bd8e225a9fd0f8aeb140544d97819f407dcff4ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10235
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Feb 2023 13:12:08 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
402
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 08 Feb 2023 15:12:08 GMT
fa-regular-400.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-regular-400.woff2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850

Request headers

Referer
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
"633d7ccc-34fc"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://www.flaresenha.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
13564
expires
Wed, 15 Feb 2023 13:18:49 GMT
fa-brands-400.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781

Request headers

Referer
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
"633d7ccc-12668"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://www.flaresenha.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
75368
expires
Wed, 15 Feb 2023 13:18:49 GMT
fa-solid-900.woff2
www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009

Request headers

Referer
https://www.flaresenha.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/all.min.css?ver=6.9.0
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:49 GMT
last-modified
Wed, 05 Oct 2022 12:47:08 GMT
server
nginx/1.20.2
etag
"633d7ccc-127f0"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://www.flaresenha.com
cache-control
max-age=604800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
75760
expires
Wed, 15 Feb 2023 13:18:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		313 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&adks=2482102539&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Doutofpage&sc=1&cookie=ID%3D54334847aa02f026%3AT%3D1675862329%3AS%3DALNI_MY2SPOSbnkId0-i78A3VsRUCUpuaA&gpic=UID%3D00000bb284becc38%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MaZMqId2lcVen186aKIkvfdxukHjg&abxe=1&dt=1675862330007&lmt=1675862330&dlt=1675862328631&idt=713&adxs=0&adys=4524&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7feee2b5dd44976a5d21797f47d6137ab1829d12fbcec2b1671664e1078e43c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		594 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/122572/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-4.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6ab2a80a2b15147970d7541739f77581c830e997316afaff16b73c761c0942be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 16:07:45 GMT
x-amz-request-id
SDV3MPVG4CF0QEY9
etag
"41409b04b8c5e3d82f4b4880d155989e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
9
accept-ranges
bytes
content-length
132574
x-amz-id-2
6MJt05pESvVKrFheqq9aKnpQ4vzsnUp6AgJdSaEfg1sqnhxUnlygfnEOpnppEKEb+eZT3/GF4vg=
expires
Wed, 08 Feb 2023 13:48:50 GMT
marcos-braz-1-360x180.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/01/marcos-braz-1-360x180.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
77f34d8cc57c95b3e527f6707fa6bd2532e3857544c83cea4b47cf1a13318f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sun, 29 Jan 2023 01:33:42 GMT
server
nginx/1.20.2
etag
"63d5ccf6-2212"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
8722
expires
Wed, 15 Feb 2023 13:18:50 GMT
marcos-braz-landim-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2022/09/marcos-braz-landim-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f0039931f5a8ccf66d55ddc48e0ffbe261003b2d7c75dd332b22fad61bfb633c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sun, 04 Sep 2022 00:24:08 GMT
server
nginx/1.20.2
etag
"6313f028-796"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
1942
expires
Wed, 15 Feb 2023 13:18:50 GMT
carlos-leite-spindel-braz-gomes-landim-flamengo-75x75.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2022/09/carlos-leite-spindel-braz-gomes-landim-flamengo-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
0881e41f5f6d50807cd33f5dfad23abc851c653beeacd8e5c3a62e41adf3fd13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sat, 17 Sep 2022 16:36:25 GMT
server
nginx/1.20.2
etag
"6325f789-a0d"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
2573
expires
Wed, 15 Feb 2023 13:18:50 GMT
david-luiz-arbitro-flamengo-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/david-luiz-arbitro-flamengo-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d3c5464c762ea6855487fb6122c1c21fa14f8e488ffe8b3d53400088727b3d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:32:29 GMT
server
nginx/1.20.2
etag
"63e3884d-2319"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
8985
expires
Wed, 15 Feb 2023 13:18:50 GMT
flamengo-al-hilal-gerson-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/flamengo-al-hilal-gerson-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
1966cf1d89e891edd2ffab700342a8fdac95dfad5e0f502e85c85a9b8fd36090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:27:38 GMT
server
nginx/1.20.2
etag
"63e3872a-2a12"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
10770
expires
Wed, 15 Feb 2023 13:18:50 GMT
gabigol-arbitro-cartao-vermelho-flamengo-mundial-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/gabigol-arbitro-cartao-vermelho-flamengo-mundial-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f92681e4af4cfddc0de8b368d17d2f364d0e0fb34b96a768b1af46e5fdb19685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:22:46 GMT
server
nginx/1.20.2
etag
"63e38606-2e8b"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
11915
expires
Wed, 15 Feb 2023 13:18:50 GMT
santos-penalti-flamengo-al-hilal-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/santos-penalti-flamengo-al-hilal-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
86ec3d619a805fd0686314a902e6958e429b6edcaaca519e7b76a3f3564c2a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:20:27 GMT
server
nginx/1.20.2
etag
"63e3857b-8f5"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
2293
expires
Wed, 15 Feb 2023 13:18:50 GMT
vitor-pereira-flamengo-2-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/vitor-pereira-flamengo-2-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
970957f2aba651f460d86a701c183840492b6a744b1f44b14c32cb9ba0139648

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:16:00 GMT
server
nginx/1.20.2
etag
"63e38470-84b"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
2123
expires
Wed, 15 Feb 2023 13:18:50 GMT
pedro-everton-ribeiro-flamengo-75x75.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/pedro-everton-ribeiro-flamengo-75x75.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
725ddc7aa515f9636fc7aa33fbd83803cea8b725342fc088e58ca6822ecae47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:13:49 GMT
server
nginx/1.20.2
etag
"63e383ed-296b"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
10603
expires
Wed, 15 Feb 2023 13:18:50 GMT
marcos-braz-1-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/01/marcos-braz-1-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
24c53099d9125394fa11e9ad8345a58578aac01ce53415fe6c7a922f94b9fd5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sun, 29 Jan 2023 01:33:43 GMT
server
nginx/1.20.2
etag
"63d5ccf7-2ac3"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
10947
expires
Wed, 15 Feb 2023 13:18:50 GMT
flaresenha.com.js
intersc.igaming-service.io/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intersc.igaming-service.io/flaresenha.com.js?ver=202328
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2000:17:1c9a:3a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5690916cbb21f200cf8c6f992cd57f96f5dea1638bbb022836911da20e12702

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
via
1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront)
last-modified
Mon, 06 Feb 2023 10:32:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
5357
etag
W/"30766a978fd84607287eee0e26bb2dfa"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
8m9L4l3SMUHk6fU4bsF1uji7XOaoNm1NI3fTkS7QOkBi12R83AeOGw==
pastoclockp.js
data.gblcdn.com/data/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data.gblcdn.com/data/pastoclockp.js?aid=6f4889f8e38ca8e79c6a&pubid=744c9150-3cb4-11ec-bc36-9df6e97a3d66&pid=mgsmihfsmlaua&renderD=0&limitT=0&limitH=24&parent=body&t=i&mt=b
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
via
1.1 3a7672912a556fc61dac56701b81d9e2.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
w.Gf85prZuTFkJVjfHHqOj9vtPXeqD6H
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81761
x-amz-cf-pop
CDG53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 09:39:02 GMT
server
cloudflare
etag
W/"d38eebc021752f86f15983ab1ffaaf45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QWaIya4HZvvDFlTn1KP0vTE%2B7IUtFEfA5x8V573gunbypF6YLPPZiXEIRFhRZKvL6i3NEZWuLPJ2QcGqb9YyBXyaNNUgWUInGMEJb%2BvY2tICb0tZXPGUHUmGJoW5CLxhWEzzNV7IheO%2FL%2BJeSoI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
7964a74b4d2f9a18-FRA
x-amz-cf-id
eCphxGVFzYTlbusmYVM0hVZoXYKp-EJTOqCi2OnWn6-_LZ1FZcslOQ==
load
z.cdn.trafficdok.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.trafficdok.com/load?z=1995623134&div=zone_1995623134&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2653&pl=3&mi=4&me=8&hc=4&n=1675862329861&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=1698083176
Requested by
Host: cdn.fsmads.biz
URL: https://cdn.fsmads.biz/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
server
nginx
content-length
13
content-type
text/plain; charset=utf-8
load
z.cdn.trafficdok.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.trafficdok.com/load?z=1618681264&div=zone_1618681264&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2653&pl=3&mi=4&me=8&hc=4&n=1675862329861&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=1698083176
Requested by
Host: cdn.fsmads.biz
URL: https://cdn.fsmads.biz/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
213.227.149.183 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
server
nginx
content-length
13
content-type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=11&adks=2661778175&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-h-destaque2&sc=1&cookie=ID%3D54334847aa02f026%3AT%3D1675862329%3AS%3DALNI_MY2SPOSbnkId0-i78A3VsRUCUpuaA&gpic=UID%3D00000bb284becc38%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MaZMqId2lcVen186aKIkvfdxukHjg&abxe=1&dt=1675862330105&lmt=1675862330&dlt=1675862328631&idt=713&adxs=546&adys=3283&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=790x0&msz=730x0&fws=0&ohw=0&psts=AD37Y7s_OG0G1agQyc0OVRj4G_g4ecaOWGgw-6F_S21uAXc8OUc3idEBDAS9soMd8n9OOOmSV2308RmBOg5d14zKIQ&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d39cadf726b104e385bff773c15a69f5df333e2c9de116af1b6c55dbae802707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8830
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=12&adks=128102006&sfv=1-0-40&prev_scp=site%3Dflaresenha%26place%3Ddm-h-destaque&sc=1&cookie=ID%3D54334847aa02f026%3AT%3D1675862329%3AS%3DALNI_MY2SPOSbnkId0-i78A3VsRUCUpuaA&gpic=UID%3D00000bb284becc38%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MaZMqId2lcVen186aKIkvfdxukHjg&abxe=1&dt=1675862330110&lmt=1675862330&dlt=1675862328631&idt=713&adxs=857&adys=119&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=728x0&msz=728x0&fws=0&ohw=0&psts=AD37Y7s_OG0G1agQyc0OVRj4G_g4ecaOWGgw-6F_S21uAXc8OUc3idEBDAS9soMd8n9OOOmSV2308RmBOg5d14zKIQ&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
142124a0fcc5e347736330a2799e66513606ac0bfcdb0236388a1d8a2b42998d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8484
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F7D9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		218 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.flaresenha.com&callback=_gfp_s_&client=ca-pub-5822243610880583&cookie=ID%3D681ed6fb97d6f13a%3AT%3D1675862329%3AS%3DALNI_Mb1isc5YIOTHVcxf0WMwXA3hQF_CQ&gpic=UID%3D00000bb282e04c01%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_Mawvt2QLKtcDywgWr8BHacoHulaFg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5822243610880583&plah=www.flaresenha.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ac699fcaa3fac85032e280c3cde8be89fbf7080f7e076c9dc457a5e65face27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
204
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.flaresenha.com%2F&tn=DIV&cls=chatbro_minimized_chat%20chatbro_movable_chat%20chatbro_header_rotare_to_bottom&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B62A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5822243610880583&output=html&adk=1812271804&adf=3025194257&lmt=1675862330&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.flaresenha.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1675862329693&bpp=6&bdt=1061&idt=542&shv=r20230206&mjsv=m202301240101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D681ed6fb97d6f13a%3AT%3D1675862329%3AS%3DALNI_Mb1isc5YIOTHVcxf0WMwXA3hQF_CQ&gpic=UID%3D00000bb282e04c01%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_Mawvt2QLKtcDywgWr8BHacoHulaFg&nras=1&correlator=1636428821851&frm=20&pv=2&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837&oid=2&pvsid=1487383016189401&tmod=744123798&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=609
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5822243610880583&plah=www.flaresenha.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf1a6afc4a7cb2a14c0cc71d68828723c82635e516160bc571deaffb2a77c6ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
3981
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
luiz-araujo-atlanta-750x500.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/luiz-araujo-atlanta-750x500.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
519ce7c4118d11ad09baf4fadc7b01179856d783cbf6a379b0ab1a3edb647b67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sun, 05 Feb 2023 20:41:35 GMT
server
nginx/1.20.2
etag
"63e0147f-ae85"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
44677
expires
Wed, 15 Feb 2023 13:18:50 GMT
angelo-selecao-750x938.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/angelo-selecao-750x938.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
9162c732a936d4eb0dce3bd456a303e37d79853ff460c8379700895cc86ff0df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sat, 04 Feb 2023 18:40:38 GMT
server
nginx/1.20.2
etag
"63dea6a6-158d3"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
88275
expires
Wed, 15 Feb 2023 13:18:50 GMT
santiago-hezze-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/santiago-hezze-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
d469de79b3e407080cfb1888ef6a5a193274025a5dec199a3021fef379882c1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sat, 04 Feb 2023 18:35:26 GMT
server
nginx/1.20.2
etag
"63dea56e-461c"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
17948
expires
Wed, 15 Feb 2023 13:18:50 GMT
shoya-nakajima-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/shoya-nakajima-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
c40af865339db7d58e5accda1a109f675fe5055ed39710a7b280478254e323bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Fri, 03 Feb 2023 02:26:17 GMT
server
nginx/1.20.2
etag
"63dc70c9-5058"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
20568
expires
Wed, 15 Feb 2023 13:18:50 GMT
/
ui.cleverwebserver.com/ 		159 B
195 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.cleverwebserver.com/
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b120bdcb93a9d6948893935c847086162bb21da500488d594ef3b7ad67f9a64b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7964a74d6e262c6d-FRA
content-type
application/javascript
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1208107848&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flaresenha.com%2F&ul=en-us&de=UTF-8&dt=Fla%20Resenha%20%7C%20Flamengo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1952443568&gjid=1977613301&cid=1497875045.1675862329&tid=UA-77540280-1&_gid=2143168901.1675862330&_r=1&_slc=1&z=487099456
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EA5D 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:50 GMT
expires
Wed, 08 Feb 2023 13:18:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F7D9 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7D9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNHvvr03ZmsJNjy-4CgQ5nnYGz1NFVMzRHJ140hRjaBDdkUzQsFcIH__V6Fp-enOkSxaWVxnSYsyo8FB4o5qSnrqa8G56zbGt987DpOrkqjKckcIQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7D9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3089678854757187298&x=1&ct=76
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame F7D9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame F7D9 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7D9 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:50 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 05E7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
ip-api.igaming-service.io/ 		305 B
561 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ip-api.igaming-service.io/
Requested by
Host: intersc.igaming-service.io
URL: https://intersc.igaming-service.io/flaresenha.com.js?ver=202328
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
3.10.72.72 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-72-72.eu-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
495a34bc470445f2f515e96a4f0e6eaa68b79605d12f772a0574132ea1aa1421
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 08 Feb 2023 13:18:50 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Length
305
Content-Type
application/json; charset=utf-8
wigo-no-slot
sync.teads.tv/ Frame A882 		325 B
486 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/wigo-no-slot
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
325
content-type
text/html; charset=UTF-8
date
Wed, 08 Feb 2023 13:18:50 GMT
expires
Wed, 08 Feb 2023 13:18:50 GMT
pragma
no-cache
server
akka-http/10.2.9
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=ab6dcb4f-35e3-468e-9a4b-23fce3bd42e6&pageId=122572&pid=133145&debug_metadata=zCvfhUThFZ&fv=1133-custom-native-tample&ts=1675862330565&f=1&referer=https%3A%2F%2Fwww.flaresenha.com%2F
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=noSlot-selector&env=js-web&auctid=ab6dcb4f-35e3-468e-9a4b-23fce3bd42e6&pageId=122572&pid=133145&fv=1133-custom-native-tample&ts=1675862330583&f=1&referer=https%3A%2F%2Fwww.flaresenha.com%2F
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.125.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-125-36.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Wed, 08 Feb 2023 13:18:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-77540280-1&cid=1497875045.1675862329&jid=1952443568&gjid=1977613301&_gid=2143168901.1675862330&_u=IAhAAEAAAAAAACAAI~&z=562968896
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EA5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EA5D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIwMRxPEr5gh5g9f1PXf-0U&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EA5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEWpd_gJa5JYQ8BOauN93L8&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWpd_gJa5JYQ8BOauN93L8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:50 GMT
AN-X-Request-Uuid
806dd6c8-8fb2-44ea-98e9-d16bdc8bf277
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEWpd_gJa5JYQ8BOauN93L8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EA5D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM-mgQIQ7aaX_gEYvo3ttAEwAQ&v=APEucNXhZQ6R3P5iBzXE9XgWXKnYu1gU5hpDMnSpnDBW6DcdYQTLZC8FL4uh52kvJaBsMW8U3P3tjSqXGTb3TYFqlvvoh2QDlMQK51LfzXX11VrK79d-_rxdXISOEP4h7Om9HruLD59GqcHG81c7z-aKPrkWm36BYtN-Ur1NeFYb3TrnoP7hLjs
Protocol
H2
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 13:18:50 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f6573c46-90a1-4e43-8bad-8c03a81ced64
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pub-5822243610880583
fundingchoicesmessages.google.com/i/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-5822243610880583?ers=1
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
594619f4fd4752eb0553a6bb8c65d95edcf9443d43895c7bfcc3b20ac6e3a0c0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S2u6Zf8-PeyN5zbSqPNN5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-S2u6Zf8-PeyN5zbSqPNN5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5822243610880583
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d95cbf2e6dcc2b051c9706d8b1c710d65864730bc063b3dde8481e83faa16985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49759
x-xss-protection
0
server
cafe
etag
9965990842667814638
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:50 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: tags.juicebarads.com
URL: https://tags.juicebarads.com/js/flaresenha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3725537144519bcf4973099420fafd90e98875a0fdbe68cd64ad741b7cf86e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37847
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Feb 2023 13:18:50 GMT
t3m.js
tags.t.tailtarget.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-11382-4/CT-1249
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 11:29:05 GMT
content-encoding
gzip
via
1.1 google
age
6585
x-guploader-uploadid
ADPycdt85jrYrrQ134D15cxtrQMlYVn31SqUmqzAohZnH-6yNuK45-E9dvQ4dbd7JwRh7vBhBl7MkhQ6r-65FgzaxX8Rxw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6184
last-modified
Thu, 19 Dec 2019 17:12:55 GMT
server
nginx/1.8.1
etag
"0aa924c986b60c68345be2b644a237df"
vary
Accept-Encoding
x-goog-generation
1576775575233105
x-goog-hash
md5=CqkkyYa2DGg0W+K2RKI33w==
content-type
application/javascript
cache-control
max-age=7200,public
x-goog-stored-content-length
6184
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:29:05 GMT
marcos-braz-landim-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2022/09/marcos-braz-landim-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
3f1e27606d008685bb701d646e046ae2485ef18f96807b65da3ae000fbe6983f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sun, 04 Sep 2022 00:24:08 GMT
server
nginx/1.20.2
etag
"6313f028-3179"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
12665
expires
Wed, 15 Feb 2023 13:18:50 GMT
carlos-leite-spindel-braz-gomes-landim-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2022/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2022/09/carlos-leite-spindel-braz-gomes-landim-flamengo-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
35754d68cf567e2e0d32bc1a46a60622b52ae839d0eea3f7442f7aa1ecd37758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Sat, 17 Sep 2022 16:36:25 GMT
server
nginx/1.20.2
etag
"6325f789-5661"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
22113
expires
Wed, 15 Feb 2023 13:18:50 GMT
david-luiz-arbitro-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/david-luiz-arbitro-flamengo-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
daedf6d4662cd1dad7f1ec0faec6a794fc7855ebb94ca550d0037aa6a128210a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:32:29 GMT
server
nginx/1.20.2
etag
"63e3884d-563b"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
22075
expires
Wed, 15 Feb 2023 13:18:50 GMT
flamengo-al-hilal-gerson-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/flamengo-al-hilal-gerson-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
e8495a83453325a04aee350bd6af8fafae0171210a9ee132e84e626219a1f26d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:27:38 GMT
server
nginx/1.20.2
etag
"63e3872a-6ec8"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
28360
expires
Wed, 15 Feb 2023 13:18:50 GMT
gabigol-arbitro-cartao-vermelho-flamengo-mundial-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/gabigol-arbitro-cartao-vermelho-flamengo-mundial-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
8d94e615621b790f181ce63966747b89a4c62348b6310cdadfe459314e37570c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:22:45 GMT
server
nginx/1.20.2
etag
"63e38605-7c05"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
31749
expires
Wed, 15 Feb 2023 13:18:50 GMT
santos-penalti-flamengo-al-hilal-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/santos-penalti-flamengo-al-hilal-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
7f24972cda0f27bcfb106a9ee5cf686397c09e9940b6ed8dd04218a8b7020ebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:20:26 GMT
server
nginx/1.20.2
etag
"63e3857a-6702"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
26370
expires
Wed, 15 Feb 2023 13:18:50 GMT
vitor-pereira-flamengo-2-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/vitor-pereira-flamengo-2-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
f45fc64875f337dd72fdf5bc91b4e4cd8e9c8920924860f75f8454a4d3814a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:16:00 GMT
server
nginx/1.20.2
etag
"63e38470-3925"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
14629
expires
Wed, 15 Feb 2023 13:18:50 GMT
pedro-everton-ribeiro-flamengo-350x250.jpg
www.flaresenha.com/wp-content/uploads/2023/02/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/uploads/2023/02/pedro-everton-ribeiro-flamengo-350x250.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
b4900f8af3f91b893e542f33be72efc2b56f8de85778c62f492a2aea8a1bbefa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
last-modified
Wed, 08 Feb 2023 11:13:48 GMT
server
nginx/1.20.2
etag
"63e383ec-7175"
vary
Accept
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
29045
expires
Wed, 15 Feb 2023 13:18:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8DB8 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 05E7 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhjgURypaxvl2IYfGYO8y_Mk39pG-Zk_DgChWBK87BcQTKLLuQuTxHeADr_bjBB1UR2RXScZuAOLuInnVkPweKpmzys2yQAp_vDCy5s1Jd0bszD5I
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13437442914832575842&x=1&ct=77
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 05E7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985912&sid=18330&dvregion=0&unit=300x250
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 05E7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 05E7 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05E7 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:50 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-77540280-1&cid=1497875045.1675862329&jid=1952443568&_u=IAhAAEAAAAAAACAAI~&z=1005602783
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-77540280-1&cid=1497875045.1675862329&jid=1952443568&_u=IAhAAEAAAAAAACAAI~&z=1005602783
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0279 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
43d1c554-6d67-4941-820f-388e85f68e97
https://www.flaresenha.com/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.flaresenha.com/43d1c554-6d67-4941-820f-388e85f68e97
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
36158afe-4cce-41b5-bfff-d1046d94cefc
https://www.flaresenha.com/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.flaresenha.com/36158afe-4cce-41b5-bfff-d1046d94cefc
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7D9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7819013333048&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7D9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7819013333048&version=m202301230201&ct=76&x=1&cor=3089678854757187000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F7D9 		70 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28afc13606efa1e9b752687c7f915cadf83dc0027f92a0a81bc13b9fe72bc85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34183
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
call.cleverwebserver.com/ 		43 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://call.cleverwebserver.com/?id=36456&c=DE&r=HE&l=332&b=Chrome&os=Win10&mob=0&v=1.34.0&ref=aHR0cHM6Ly93d3cuZmxhcmVzZW5oYS5jb20v&ruri=&iv=-1&ctr=DE&sz=1200
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:50 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7964a74ffa9b2c6d-FRA
content-length
43
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 8DB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHcp77jlsNJ6vXDySIjZxoQ&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHcp77jlsNJ6vXDySIjZxoQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHcp77jlsNJ6vXDySIjZxoQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 8DB8 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 8DB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBfmNJKjGlUDnrHGawliafQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBfmNJKjGlUDnrHGawliafQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Protocol
H2
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:51 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBfmNJKjGlUDnrHGawliafQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8DB8 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGLCql9sBMAE&v=APEucNUIfXXqyGjfwqk4qA5vFnQRWbXzw-PloyY7l1RFuWJ_kUV3kXkCU_NsEVWgIpnzXTwQBxOO5LU5ruVSE7rImKrgjDCZ247fLwIDVTdQSxpbCb8sdQULgnHzpx6AO2VnyMYdS_KF_i33yAz5zeYHQO7zSkbg5i5y_kgovx8P8Dg9CLG18C0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:50 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2859759093507&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2859759093507&version=m202301230201&ct=77&x=1&cor=13437442914832577000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 05E7 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A53kHXYSuJSXbO8YVb6YVDMVg2lzvhzW8p3WsSXZH95nTTw4miaUsPsYfjdZIVKPeW679dFrP_X8iS7netwhDQ4fD4mFeSjCiXI1WeBmzAmG10Mc4Z6p_nz5-JW5-govRAfORIeTykr1BvsnvrrKshzVTqe6ZRSycinE_EbTT_13AdjAg&cry=1&dbm_d=AKAmf-CqdpmzH0rXrd8y_KVrhCPhhmppqGGR9MVV4PtfRGwzVLsgOuM0uO088NhDDhZZ1sbXfyZgUZq2H8BYwIarhHU5xbBBgdhkXppyKW6HgrVLHscOh0UQWh026Y27nUz5pxai1eztrYxpPwh3t82U10yB3ivkvsuw0RzpfWtq7wT02hWA6iVK0VOZmS_7-96x6SOO2SKvOMakl2FlKXr6MayYkcsOEZZFxPU4Vr83RX5mNA9aXP4yatDJe_99w_PPN8YwM-Xlm3rqfqqEhylwEqzU4JCGHUszmIf_X2pcXh_-ba9muwcQvmspmyZNyQZm0Hp57X0PXajssQRxEw7NwU4SYWUaSgSp2haWvHWAqFpE-L2WkwjB0R8uQkAy3qyri_LPAccfPbly2ps27zyCHYt9XuVVvf92uTS3zlIuGUmf_A7z6C_hlSIopaYWJJGFGmmCSx1FDk6J2NsCOG6kiybNzSJSEF4ufi3JdYcoJh9r0lT1fFhlYljNgF4lLJht8aTSy-8p7UvU_7dTF1tMisT9SS3ubS5Z8Rq397QHYOBq9usakCeujN4BSWvrGTeCp2zlTrfgC9lPVTHFfjihBiTyI124MEd-ykLAbRpk5uOS7n-K9OvtPa3NpGSKM6Kh6UtkQt2sBmJR0ZXyD2VIADqF05-Mr3e37n9sVC8GE-8XsfJMMEzkPGEWsYDohEKzI00ZBFJiWndruvTKG-Nq60oyXhthEuOgB2V-nfmG4svcyVIaPgQSiFplj1-Liu9tVR8f_VHxEVdjJCQAKx23gUmYJrcelXnXNc18-G7Sv5hYNnIe2vt9OSflcLZG1-rZAECu3bVNhofGUMOXN0QyR0wFINUD_D3v3QmANLMxy8W8XgHhwzOvSlTOS7tDPt_RtM6N0-b8pSnuTFfOnNrmpXMzLhPCVc-QNe5NsTTJOmNmNfb8S39bDJNPzF33sxSXgmT2uFGFAROToXrYqsN1uFEmzTtzmrnOJ2FQ9-gxfgw8LWS4hCP57wfGgxpsjwkwxshZ9rE6fQFKd9IeTYrjnrv18WPaoEr-mIujxDNeL-31r_Y6RSTjMemA1kXabjh5oeTUrSjAdlluYZt2f0pKhut8pq2W4S8UFC8b6Y8DcrEn84TGa_QObI2Wk-a-tc1wj9zHZK2zQZO6mQK085MyMILHDWHIYRKWeArTNOZ0JtX38LM2YKlZ66hc-_HIFu_KMTVIi-_8AzMSk9QmNC9B9qmHDV0NSgDVG7LbMVduQWmcdN6a5wMaOT3O7Q2pJcku6rIOPTzge7XUB1ipKwGw97if7atzwSrx2PVTgQzz0D0pS3ZCmpZsf2PjyqW0QZkXozR0GXvw1ZNyeIchUe_OWmcsJgFvX4_ZEnyr6nXJOPQe2bfrVlxZudzzoBS8fL4k09gYtJ5JO_1_am6AGGchFaS49QP1vMpu-41BgGD-tjkjmpQjDXp_ScYXYRgBcTK8mDct-yWlZqisVLGasfXvWeDh4JDxRzdBRhd5qY6BxetP6HPPrNXSQgbGgCv4chYx0OBZk9LB6BDmIH-KjCx8CoFCUfAAH1gQWN4hJn9kS_sFNSLWS2Y10JAZP_p-4Usz3osiWt7zxJaSIonkvIfIEtdw4DTDAlsBPyfBGol0PATJ2biZgdY4oP_yBfIguVVzyrWMUe6y_m3UlLlomu5EMStaJ-mu2ujYhmkKDa0iHU75R915n5XsIr6wHvD8VhobVdos2P1q5UsEjpFQ_ORiw2W-awZPmCzD0SEBj_srwmRRUSrI6kMJIxsbpHHyI11YnCpfLSQcozuh1_s4olzsrpmtdIazy_SuKzAAweySWM39DbcycS_LAYwdV56DyQzORXQL70f_qS8r5NLp_neYkvnWYtKBsn4siNuwhbEcPqAlPsKFXtw0E62eq_qq9h-1tj1MDV4kTz44USsq3hfZ0aaaHFjeQ8KJ2jTmNqrGg3x2SUONmSc_1cgcTeaPm020th8kX9AmhGqNjLUlSNKNyHs6zC7ShAdk5pqYehgv07CKHB0HAhXD2TxBw8AyJ2rhC6Kgm7mZcatXBuatSR7gPxFggVCHTlLCqyeB4J2tAB4xhJnJNE9HL3xduBUREKsDnO3t3-tw9dKP70AP1RQayJ8kRl5Atw3mJrOWoA-Nsr1srxYKIQNJD36rliyqQPOIqZ6TjQl__Dw38ZDeAmBOSJwtvIN7bnM1g2fZjrHyBHbBjmr0X_a7Oz-f2jBCjj4r5iyB62vTJaQpg_I7f8JecZNa__M8XcQwj6W1STzFdz9Vq1UzB1PQEoIOAeyGLCABfImSwKMQXDr8A0gTHKuux4pHGeMGV1rPidnh4PBsv-rWJT76fkcXAMl49UyZElgfeqyv9-8L8WA4AI5kRZcyiDbpeISY114rURmhO6a6pP_BJVbaAOE9ok5gNsERkkTxLx10pS0wmV3Asf1qx26E_KuAdKm4g6F2qCfM-BvKepC2R-coaErNqu4xeILC-sGAMDXVUYYzPrjkhVZcsucliRrts0om1ceMg19mWM_kHcmiQ1v4T3smGZeEyFKRSPLsrdFqptnYHHhsnMDhGUjy3FMt8fNuYXS-ef4Rw0rcwh6rDKvWvrgsfyNqKRzQ13cVCQx5pOsVCZD3VUIXBX-_aAmFg6kXoWQUofMMh8QUfssC6qAhkHw4H2oZaHVJ3_bPjzBsvVFrNPKH-6pmmj_Nq0n1y7FGhJgh-cOlWhmDJfDwWJmT70E1v6L6tsJDcaa-DG1xkyB7BbdTEplit6Tfcs92h5fnuoFEzHVkAO6aHlIcPMZrf05kQ7F1MrBZXZauet36MhkbamtMIErQlKVs3-6amOqSoRf3LLsMfrX70J6IzCIxzO4dUqPyiBFTCwNDZ5CFIVzzghZuPbAivg2OfuGak2gQajVU4WwRYvjwZyvz4E7adQdG1004yhqwJCYLMXghdcu1TR1gfQ4yIUQFHpWiQ_OCXEyHVO7Xkv8lh1LQIaiAHc8Iw8zwYAWmHyxm6XdP8kFfSpMU9dQyWfRFNmmoVZDrrpHdPiPo1rU5mgmu7_Yv1tog4WLmICnDQXwonRLW2UJvULYAQ4-cj55utiVLiXur3TIGRHbxeJhguFV-XXy0_WdniwxHZC3aqV0Y2pI_9JqednOREVscHPUlRMvEAS9kFSL0XxUEIjpxuHjDjdet3NVImBO3TcaYLAzEEaU-xiW_UPFKQcwjgKzMLPyAez6GWSpmbW4uyr_ZVel4wiJC9Pb0p0F2RZ1dPUffXELA8atV11lAYnwUXJ5iMgIYsYp2CNYeXsc2rMGU0mZGpnAnXel-6QW6vBl1QEeB091IS7r3FhC8kUIQUehih9MhCiuzh5fsAEdtwA5pbue3EoSCo85rZraP0Pvd5adGeDqVYtZ9wBTiAgtkJgLnWXy-pNSQsdmT4HPhzZdkEC7sTwJCK_dkjU-fhe_8rJSqxmS_JrUBdDMyLdXir7W9y0Wp6Y946w&cid=CAQSSwDUE5ymMYoKrhn0f7vC0tI63iLZ8Y-VMyuSogfJpY_C2TRGhD1EFGJARG9U4SpJmMsInIsDn22pngnTfHH10obYKR4Dm3FgmKdmzhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=13437442914832577000&adk=2228999115&idt=124&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a85d1bc1eb555dfdb32546e1676a0dc3e8d01c98b33d952b9d1b27784a577bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11193
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5459 		466 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYi_7m3wEwAQ&v=APEucNWawlxy712WNdQzPnvA7pSvZoYohsdM20aloHUuWhGBrUrXUYjza4pi5RoqWhNk--nxLqqvHRnuWUDWiVlrgjTUikvFDr1Xoxpgayw27F7xK19K8JbOXxNvxh7Znb9n0ZaauoMh1wpCcSbunWwu-2EBgvRJ9Euj26eThuFr_FWWfKoViRw
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:50 GMT
expires
Wed, 08 Feb 2023 13:18:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 690A 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27800
x-xss-protection
0
server
cafe
etag
13454357883945390929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 690A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 690A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 690A 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 690A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CJA0mqjZL9mEcsMY9MjkCSo407XvAlvPnAlS_dSFRSQFQ4IHWztInobf9S6n8y9FA34AOifHeUKlVSd9iNKwFU3TKQgmY3zUWwWsaeYB4rPQyn5Co
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 690A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1857037881730052281&x=1&ct=76
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2064 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		859 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1487383016189401&correlator=3057386941713791&output=ldjh&gdfp_req=1&vrg=2023020201&ptt=17&impl=fif&iu_parts=21622511100%3A22227164626%2Cflaresenha_multisize&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=13&adks=2179565890&sfv=1-0-40&ists=1&fas=8&prev_scp=site%3Dflaresenha%26place%3Dinterstitial&cust_params=Estilos-de-Vida%3Dna%26Interesses%3Dna%26Times-de-Futebol%3Dna%26Renda%3Dna%26Micro-Segmentos%3Dna%26Audiencias%3Dna%26Equipamentos%3Dna%26Faixa-Etaria%3Dna%26Genero%3Dna&sc=1&cookie=ID%3D61871e7e95945d7d%3AT%3D1675862329%3AS%3DALNI_Mbq6IYzaxCDxKfPfj282si9hjhBzw&gpic=UID%3D00000bb2842a0b5c%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MacUtyV9AsfrGi85fNbLLhvU0Ocsw&abxe=1&dt=1675862331035&lmt=1675862331&dlt=1675862328631&idt=713&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.flaresenha.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AD37Y7s_OG0G1agQyc0OVRj4G_g4ecaOWGgw-6F_S21uAXc8OUc3idEBDAS9soMd8n9OOOmSV2308RmBOg5d14zKIQ&ga_vid=1497875045.1675862329&ga_sid=1675862329&ga_hid=1208107848&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c18e89b3cb72af17e6e7f2cf13482224094f0842437650c765eb9f424a80b28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.flaresenha.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads_2023020201.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023020201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0acfc0c79d2e9084f691532eb014e8523316e895df7f0f805591bb4097f6a3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105521
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13747
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:36:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Feb 2024 08:00:10 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame F7D9 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame F7D9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseqT1nZ2NdtUTJ3JaWMLJyLsjcvoHYct2lDQRkjqINalzl4MNfARLzzL--M04-zJJGsj-svvFP8nihc_qmpES7Ce0I_sYjdQJCVggI5RwgJ1vsOYhMc9mD-ELaKpHBYZ948SsdmX3v7qAWIjglrgPwmTWgE_C1plHYo9MBg5vv-XkRtlRSutOCSGiCvpmk2ZwQwxp0xRM_PS8Bn5hKzqnFnL3deTpymbDdal3sAGad6ChMv-7t7B7hDIk_UDVRjo5Xtd8M6MTeUjpuuHSWhYXbeOw_l5ifWYWecdQDMgU9iUWATufDbjHYmjh2on00ZN92k8x5mMaqvkqQFD03zqcj9i55HzC_Ngo391SoUlzQVBcDFP428RDYDrLpV5mRjjR2JnPWONU0Uj1yn2fL_MAD_JRVGS5HYFcQW63WuQFyS07kcEVBTzLD_EV-4NhejWp3fsq8eWwn-EEQPsqhVXEnlj3PTAH-iyN9VKf-y5WHRnwHnGjD3vdjhp-ZEG5WXeqB9qZDIsNLrGgwcxt9oTK1enrsaOzlVjSx0zc-QRCs5-q87H5olm6yBzyOU-oD9KPyFWa6eArf18b6pLmxgyf8SEjHhI_Q8Ga64rEQ7fWQ2jsNxnWqiiKK7CNndmytc_jUaxrCx4PCKX0ML5RP7oKNJPViYAtfO0tg5ikyIMdl80FnM38NoQifsxOn4UYmSfGZu1-jM3k2YvuPQb3jGnmkn96QtRIISGhbRM6n80UJjnLBVDDgkuz3kFZqYTjLITM81TPtFAHEWyT7lUzCn9vEN4C9NkK1QNtFog7zXjRBPGvMisEUT04WAQh7HW1_G2yZ0243YfWD457Tjx-DVvz43tltwlM9Quxh7H60dtf34XEMeU_7t-AejZz0vz4t6SVZC4ixZhJBtfl6wGtPPvt50rBBxryAL74H8zkLXzmwDUhLEzvlAhfxaUvOVSsm3cKCU-iXsjrWyk_V2y-wEezG5jt5wO3mSNVV3jjJ-082shB294oCAyD8Co-vxa3mZmFs852S7EfhDwazgcW9-Pv1lmZb2KoUF58PwdTE1lLYHt7Ig06UhjtEYumkGusZH4LI2its8WEnGaR_ocd2xQJHzt4DhPm1FhbqjTU1gJqcl_-_0BAzWuCqArRI5SySTRd6UiDlIMwq3jq2kxvDjMeZF6vstGqhmMzJd0BHAg9-iT2PzrmVUHrhNpIqDOa_2mEwqrONKeRNXqwevuZQBE0nIZYGf87YQdT0aZ6pfArgFeX6_YBAu-YAlV5-rkMihUUWnjLLk11NdWydivigHHqfIqyARWhHI3INutHP8mGULbDgzone0ngkWylS2vh5Y2m-OpfyPgOfTyR-0hzpuph3FSa56eT72MkDcmyXrurZbLhjC7-g1C337Ei6o-MxfsFkPlRwXaNINHUS1bCkQymJKA&sai=AMfl-YS4vdO2D-DSTwQNg-O3qpt3_Z9IR3_nG042JOcNq5VVTfE8cwUg6ot8PYvXFbNxEVor3zwzQawyWfFTfR-RMuwpZ7SIv79TwblNy2GWMDug-0zljmXXJ_nI8SQOZjUANgPmVPsFuG_sTrJ6yJTNMn29vsyhFA78UtqPn0Jo32c7vDLaOsQ63QzkIjfSJute9efRrGO9gJuKKddXPR86pvo6Dm60zufo3ZFYiL1xlahERqqQ0D1K5PYzFEaemlWAyGv_ebJO12hfrOwF6zdebGFs0xrZcyqJ&sig=Cg0ArKJSzFxw064kpgCqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230206.65251&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F7D9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
8839554236121871412
s0.2mdn.net/simgad/ Frame F7D9 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8839554236121871412
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ad301161c3eb1764be0043e612745b4d9a13ab53036f5e664d677b18e1e1180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44711
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 15:10:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 13:18:51 GMT
partner
sync.search.spotxchange.com/ Frame 5459
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1&__user_check__=1&sync_id=20fd5cf3-a7b3-11ed-977c-1d03a5b20206
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1&__user_check__=1&sync_id=20fd5cf3-a7b3-11ed-977c-1d03a5b20206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYi_7m3wEwAQ&v=APEucNWawlxy712WNdQzPnvA7pSvZoYohsdM20aloHUuWhGBrUrXUYjza4pi5RoqWhNk--nxLqqvHRnuWUDWiVlrgjTUikvFDr1Xoxpgayw27F7xK19K8JbOXxNvxh7Znb9n0ZaauoMh1wpCcSbunWwu-2EBgvRJ9Euj26eThuFr_FWWfKoViRw
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
114
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
/partner?adv_id=7025&uid=CAESEHgzZZ_xyaqYmIRhoXuLuKs&google_cver=1&__user_check__=1&sync_id=20fd5cf3-a7b3-11ed-977c-1d03a5b20206
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5459
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjBmN2E2MjEtYTdiMy0xMWVkLWE0YWYtMTUzY2Y5YjAwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjBmN2E2MjEtYTdiMy0xMWVkLWE0YWYtMTUzY2Y5YjAwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYi_7m3wEwAQ&v=APEucNWawlxy712WNdQzPnvA7pSvZoYohsdM20aloHUuWhGBrUrXUYjza4pi5RoqWhNk--nxLqqvHRnuWUDWiVlrgjTUikvFDr1Xoxpgayw27F7xK19K8JbOXxNvxh7Znb9n0ZaauoMh1wpCcSbunWwu-2EBgvRJ9Euj26eThuFr_FWWfKoViRw
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MjBmN2E2MjEtYTdiMy0xMWVkLWE0YWYtMTUzY2Y5YjAwNDA2
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5459
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1XZXBmNlFsRTJ1RzAwdms0Y2tfelRpQm9xR1ZCSUlYX35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1XZXBmNlFsRTJ1RzAwdms0Y2tfelRpQm9xR1ZCSUlYX35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNyw8QIQm8jZsAIYi_7m3wEwAQ&v=APEucNWawlxy712WNdQzPnvA7pSvZoYohsdM20aloHUuWhGBrUrXUYjza4pi5RoqWhNk--nxLqqvHRnuWUDWiVlrgjTUikvFDr1Xoxpgayw27F7xK19K8JbOXxNvxh7Znb9n0ZaauoMh1wpCcSbunWwu-2EBgvRJ9Euj26eThuFr_FWWfKoViRw
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1XZXBmNlFsRTJ1RzAwdms0Y2tfelRpQm9xR1ZCSUlYX35B
date
Wed, 08 Feb 2023 13:18:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 2064 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2da64fc8e104c4ad6e0da0d23be37199d5e16314324a88cf49c5228e0eaaa99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9032
x-xss-protection
0
server
cafe
etag
17055147049377271709
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
css
fonts.googleapis.com/ Frame 2064 		8 KB
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 12:03:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 13:18:51 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/ Frame 2064 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.css
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 13:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2798
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 11:39:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:46:23 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/ Frame 2064 		378 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afaa31f56248e0c96b6fca225335c4db15ae5ac5304b5309f2c9322d3c0ecc16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 13:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
171148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132228
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 11:39:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 13:46:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 2064 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 05E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A53kHXYSuJSXbO8YVb6YVDMVg2lzvhzW8p3WsSXZH95nTTw4miaUsPsYfjdZIVKPeW679dFrP_X8iS7netwhDQ4fD4mFeSjCiXI1WeBmzAmG10Mc4Z6p_nz5-JW5-govRAfORIeTykr1BvsnvrrKshzVTqe6ZRSycinE_EbTT_13AdjAg&cry=1&dbm_d=AKAmf-CqdpmzH0rXrd8y_KVrhCPhhmppqGGR9MVV4PtfRGwzVLsgOuM0uO088NhDDhZZ1sbXfyZgUZq2H8BYwIarhHU5xbBBgdhkXppyKW6HgrVLHscOh0UQWh026Y27nUz5pxai1eztrYxpPwh3t82U10yB3ivkvsuw0RzpfWtq7wT02hWA6iVK0VOZmS_7-96x6SOO2SKvOMakl2FlKXr6MayYkcsOEZZFxPU4Vr83RX5mNA9aXP4yatDJe_99w_PPN8YwM-Xlm3rqfqqEhylwEqzU4JCGHUszmIf_X2pcXh_-ba9muwcQvmspmyZNyQZm0Hp57X0PXajssQRxEw7NwU4SYWUaSgSp2haWvHWAqFpE-L2WkwjB0R8uQkAy3qyri_LPAccfPbly2ps27zyCHYt9XuVVvf92uTS3zlIuGUmf_A7z6C_hlSIopaYWJJGFGmmCSx1FDk6J2NsCOG6kiybNzSJSEF4ufi3JdYcoJh9r0lT1fFhlYljNgF4lLJht8aTSy-8p7UvU_7dTF1tMisT9SS3ubS5Z8Rq397QHYOBq9usakCeujN4BSWvrGTeCp2zlTrfgC9lPVTHFfjihBiTyI124MEd-ykLAbRpk5uOS7n-K9OvtPa3NpGSKM6Kh6UtkQt2sBmJR0ZXyD2VIADqF05-Mr3e37n9sVC8GE-8XsfJMMEzkPGEWsYDohEKzI00ZBFJiWndruvTKG-Nq60oyXhthEuOgB2V-nfmG4svcyVIaPgQSiFplj1-Liu9tVR8f_VHxEVdjJCQAKx23gUmYJrcelXnXNc18-G7Sv5hYNnIe2vt9OSflcLZG1-rZAECu3bVNhofGUMOXN0QyR0wFINUD_D3v3QmANLMxy8W8XgHhwzOvSlTOS7tDPt_RtM6N0-b8pSnuTFfOnNrmpXMzLhPCVc-QNe5NsTTJOmNmNfb8S39bDJNPzF33sxSXgmT2uFGFAROToXrYqsN1uFEmzTtzmrnOJ2FQ9-gxfgw8LWS4hCP57wfGgxpsjwkwxshZ9rE6fQFKd9IeTYrjnrv18WPaoEr-mIujxDNeL-31r_Y6RSTjMemA1kXabjh5oeTUrSjAdlluYZt2f0pKhut8pq2W4S8UFC8b6Y8DcrEn84TGa_QObI2Wk-a-tc1wj9zHZK2zQZO6mQK085MyMILHDWHIYRKWeArTNOZ0JtX38LM2YKlZ66hc-_HIFu_KMTVIi-_8AzMSk9QmNC9B9qmHDV0NSgDVG7LbMVduQWmcdN6a5wMaOT3O7Q2pJcku6rIOPTzge7XUB1ipKwGw97if7atzwSrx2PVTgQzz0D0pS3ZCmpZsf2PjyqW0QZkXozR0GXvw1ZNyeIchUe_OWmcsJgFvX4_ZEnyr6nXJOPQe2bfrVlxZudzzoBS8fL4k09gYtJ5JO_1_am6AGGchFaS49QP1vMpu-41BgGD-tjkjmpQjDXp_ScYXYRgBcTK8mDct-yWlZqisVLGasfXvWeDh4JDxRzdBRhd5qY6BxetP6HPPrNXSQgbGgCv4chYx0OBZk9LB6BDmIH-KjCx8CoFCUfAAH1gQWN4hJn9kS_sFNSLWS2Y10JAZP_p-4Usz3osiWt7zxJaSIonkvIfIEtdw4DTDAlsBPyfBGol0PATJ2biZgdY4oP_yBfIguVVzyrWMUe6y_m3UlLlomu5EMStaJ-mu2ujYhmkKDa0iHU75R915n5XsIr6wHvD8VhobVdos2P1q5UsEjpFQ_ORiw2W-awZPmCzD0SEBj_srwmRRUSrI6kMJIxsbpHHyI11YnCpfLSQcozuh1_s4olzsrpmtdIazy_SuKzAAweySWM39DbcycS_LAYwdV56DyQzORXQL70f_qS8r5NLp_neYkvnWYtKBsn4siNuwhbEcPqAlPsKFXtw0E62eq_qq9h-1tj1MDV4kTz44USsq3hfZ0aaaHFjeQ8KJ2jTmNqrGg3x2SUONmSc_1cgcTeaPm020th8kX9AmhGqNjLUlSNKNyHs6zC7ShAdk5pqYehgv07CKHB0HAhXD2TxBw8AyJ2rhC6Kgm7mZcatXBuatSR7gPxFggVCHTlLCqyeB4J2tAB4xhJnJNE9HL3xduBUREKsDnO3t3-tw9dKP70AP1RQayJ8kRl5Atw3mJrOWoA-Nsr1srxYKIQNJD36rliyqQPOIqZ6TjQl__Dw38ZDeAmBOSJwtvIN7bnM1g2fZjrHyBHbBjmr0X_a7Oz-f2jBCjj4r5iyB62vTJaQpg_I7f8JecZNa__M8XcQwj6W1STzFdz9Vq1UzB1PQEoIOAeyGLCABfImSwKMQXDr8A0gTHKuux4pHGeMGV1rPidnh4PBsv-rWJT76fkcXAMl49UyZElgfeqyv9-8L8WA4AI5kRZcyiDbpeISY114rURmhO6a6pP_BJVbaAOE9ok5gNsERkkTxLx10pS0wmV3Asf1qx26E_KuAdKm4g6F2qCfM-BvKepC2R-coaErNqu4xeILC-sGAMDXVUYYzPrjkhVZcsucliRrts0om1ceMg19mWM_kHcmiQ1v4T3smGZeEyFKRSPLsrdFqptnYHHhsnMDhGUjy3FMt8fNuYXS-ef4Rw0rcwh6rDKvWvrgsfyNqKRzQ13cVCQx5pOsVCZD3VUIXBX-_aAmFg6kXoWQUofMMh8QUfssC6qAhkHw4H2oZaHVJ3_bPjzBsvVFrNPKH-6pmmj_Nq0n1y7FGhJgh-cOlWhmDJfDwWJmT70E1v6L6tsJDcaa-DG1xkyB7BbdTEplit6Tfcs92h5fnuoFEzHVkAO6aHlIcPMZrf05kQ7F1MrBZXZauet36MhkbamtMIErQlKVs3-6amOqSoRf3LLsMfrX70J6IzCIxzO4dUqPyiBFTCwNDZ5CFIVzzghZuPbAivg2OfuGak2gQajVU4WwRYvjwZyvz4E7adQdG1004yhqwJCYLMXghdcu1TR1gfQ4yIUQFHpWiQ_OCXEyHVO7Xkv8lh1LQIaiAHc8Iw8zwYAWmHyxm6XdP8kFfSpMU9dQyWfRFNmmoVZDrrpHdPiPo1rU5mgmu7_Yv1tog4WLmICnDQXwonRLW2UJvULYAQ4-cj55utiVLiXur3TIGRHbxeJhguFV-XXy0_WdniwxHZC3aqV0Y2pI_9JqednOREVscHPUlRMvEAS9kFSL0XxUEIjpxuHjDjdet3NVImBO3TcaYLAzEEaU-xiW_UPFKQcwjgKzMLPyAez6GWSpmbW4uyr_ZVel4wiJC9Pb0p0F2RZ1dPUffXELA8atV11lAYnwUXJ5iMgIYsYp2CNYeXsc2rMGU0mZGpnAnXel-6QW6vBl1QEeB091IS7r3FhC8kUIQUehih9MhCiuzh5fsAEdtwA5pbue3EoSCo85rZraP0Pvd5adGeDqVYtZ9wBTiAgtkJgLnWXy-pNSQsdmT4HPhzZdkEC7sTwJCK_dkjU-fhe_8rJSqxmS_JrUBdDMyLdXir7W9y0Wp6Y946w&cid=CAQSSwDUE5ymMYoKrhn0f7vC0tI63iLZ8Y-VMyuSogfJpY_C2TRGhD1EFGJARG9U4SpJmMsInIsDn22pngnTfHH10obYKR4Dm3FgmKdmzhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=13437442914832577000&adk=2228999115&idt=124&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 690A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3709253884789&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 690A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3709253884789&version=m202301230201&ct=76&x=1&cor=1857037881730052400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 690A 		85 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxmFDh-FrvIQSx6vySoGqsCnk7re_y9tFUGsJZ-kCBPNprpFm_Tr-yHZJzrvviFFk0zGzDZmeOfrn7PMqHYr0RYElGdA&cry=1&dbm_d=AKAmf-BLF3e-k5B2CZY78_LIlKUiXnnLBX7ujBOyEWyHP8DR8bBz4CYuNi8cV8wDwcx61ijJcZthWVtcHk8dn4VNU48KnMSp8_xfnYfGNlbaagboa_TNcGvVPA1wO6yqGDfZjBm_NNu90sfO1QJqID7q2QsLhUhjh-uEfL0ELfVUTQ8OxcTFOhdlGLH5tcQok0DeVN3EnUVKOY2DCkPi6SlQc7JrgY5CwJsKJ0SR4UsaXFPxvwX8gFOkc-PJPdS6ZP4MrmZMzAlZeQp8-AjIo0JYzzBgoP0TPIoiK7xsCH1jCyy4illawqC29WX8ohRTuJNxBEQ1eHN6cOj01V3imp9VLHdfoS8dozl5SQGDgXvilqH2eyBMRlUNiI4L_tq9a_lj2f_8Cq9XPIJfXvVX-Qgl3bZYLXbQioDdmMREqWN4NHkxLlViT-H189sovLQ_eWjjB2ebXEAupaJW37iCzFrbv9IVXMy-KmPfphOlVtt-JEEYuSczXPTJzkldkPFEYUuQEd57DORK4R98Rg422RsgyO_BDFucvJCUfvAZsZv6X-ojvg4GQno-2SbBo3K0vA3asvnur9ejFG0RA0Zqfh94Lzms0knIpgtCZ2lxeE2i3Y3KH7BY7T023gHaeuoQwS9uoJrZS9sQbtun5hZ6cHJekPPF1KvhV7AsOhJDr0Fp8hUny03iu__qZFYSnkTcA7xCaIfTOH6wQlwC-ci4YIwI4jeASoyP2rqCkl24gIkj_goRpxYVgykZo0vECZRKBJOv3Hs8r_g_WQ7cqqf2ALFWh2htznC7Ms69d2iCZCDcdm7WpiwzDBt2VbKs5dhj2qYO8sik-CHYLH74FO7qmxYTCblaBwkv411_mpADAm8Q_MBoAyt3XXJM5CG7bHOHqcl1pxn4fppzR1Zn4R3nSyy6j2b9GKOaSQ7V6IWncfTBZqa4mgf30iQkxwi00PDrKvQiOLwmJ7HAd1o8taopnAdoF5f4yM-CHOUkENj_krhOURFZMG7xXFMGH6dbdLcF-TcM2fQ6rMboVMhQOv0TYU65lxtmWLkHOn3foeuMrcMHY0BE39fqEb8WRwt3bnpTzVezeAsuFnKw-NgGSOg5hD74pVfk_Hkw7jNR9YPhz2IUm86iBODnIkGHhFN1dq4GjTgXB59JfZlk6SC1vDUF41q6mQphIwS7Lh9zGzpQzR9T0EoIP2j1PB7_beSKpKJYzBgglMFyGjdYn9W67RSPFTJ-oyCCdKobnGYsTCpLUuSP6nJVovpsj_hnhuTEYyngyhL1Ecy0ruuZDpt9sJAKyLid-if9_bQccXl8MPF1BlrpkUYOm9rI86SyJhaBj_OIZlKqZHkpOTQrP-oxyMLNhMxGKuWDVCOhpzE0rdfGpsZ8ROPpksrZbiEfXtd7F9CpF3DzOwz4C7TLJy-sd4rr7W_-TMxiduNLQf0MyPZeN0gilHKQGHHtLC0G-pOCOEaORzOJ61_vxAK57E_-mMxQb8HwfWPrq4f5X6xUW9CEYlsNBCpKF0igqoxAhNFlTGGxChzA4BdKHX662mUC5y6SnHkVyuy3T1F44z9WtNkL6GdH52lzYy5-YHsQ4ItMmLeHfDygCuiHOZDRTPnNvB2H21X4jnXtQjoglJwPWfjg0mJ9u_2TBFbZFE_uNu8fq8ADF-wk9HH6ok_Ysvs69Xh4dMKFXIkRxui-16O0OTfvI2zm2Nkx8blaou-5cG3ShSMmWs4CBg9tJwnmdAVpvb0-FCi1yKAP3_B5B2-QBvTvbAv_z9xDu5R4cnxOqYcG-4kJd9pnceElsOOqFyh5AANcOQYUP77QDJoi8yK7xmgYU0aXrUyIVVQXOCX7X3yKlWC3sKkysBbUlZWb1D_u6ZrSH-MNRzkDnKrnP756sF1uedMRDhktetOVP9jJwhJ3RmllVx6NqwmOz-eRuqnSsFIJeUBsvuqekKo_Jwe8TRnAfiWPEa9azndiWs2io5tnNhmy6er-qKrY_e9CU5d9kpkR9411RWTO64qRN7VGC2m6RVzMn8UYOyFbg1zttU3Y_WXq1sHd9smNkwCiquMt2msHVxB7U-g1hrbB5w5cgo4XxLu1a9-9mN91ATA19wIVWd8tJIZpKH0CX6-wXN-AZBapHIyXYagWPeduArqIXsvo2yvjFg3FLswfF334lSu4Zhsd9T4v2-SHzau6yuzW7sXKuYICrPPx_JkNaRf0LT7Ft_-VIidK8d5conrnrMHlCN_3I65MdQODQXU1i-cWcUFqqszgYReE5mp6B2yUygkZXBb2kn_RfY-kFqggADqLo6dZ9llvIkSsemBkQHf8CK-bu_UWk6EmywYIUU8eMCd0SKErJlAfVUPtKlws94O7aFc45sep12AEuG7cmQ4wbnYCTHvQwqgbB6SE66Q8k1AhLjHF_x6JUo8PpvXqst4Oyv07HP2MVh37Xl3PYJKHaBc8Q6ws-ZKAcGnbIU20PFw68svB2VvwJlIEM5a6IcOk7HDv-G-uEhU9BS0IjRBbH26HgTQxDB5Dnr2PnYrqCTdB0Q5Bcz0Rm3NzD8qqsdIDRVnD-WG1tMVi-AbIuNG63URb6lUbg9ePvhqbLtnvJ65EcMYXuHPv7vobMMZTWzPwmurgiKzpnh3v4PPh_M9xt6X84vO5fUX9MwctQzbgrSH_Bx8juqvFMLvoskJgOmJzl9XZAs_bGH3dZ8qDEDgLv8xKAlT10Skt9Yso28ZrNWHLAvW297PJ8DFb0cawidmL6V4zVkEc90MR_Khb0eZvdUzENzq11PWLMbZPmWfR_NeFBN7KcVXTbWeT9KywzqwZKIlQPibw-23ii6icnWjMBexkDgh0TcyzXFFZb7V5NVl6wYpNte8E4nOCVu9GGuxd3bIRayHaGz_Y4MwpQdXu2BPxmgBcjP4cU45jgVs75aiyQ2djCBS9bhi1Awt3LLJPrhI_qombBz11PCKOK5LNMXU04if2taESaVFrVaVURSKp2ffoO13CduSkZiwBecYA-Dy1Uk4Zh2PUas8UwfF3_Of3vLv8LV-Upl-y3QwGi-DGhA6DEXBBAdKIujFI0lr_MZV_Z91MLcKASbSB1J4QkebBIOVtnggNOBs5X9SRGGIXUV7Sd0FhHHhHPiaVmZjAA7kG1guHs1qHi1Pvr0b8U5MqNuygqAjShYYMt1XB64tg1v1aVxDdGg9MO1wqJaLwYODLHvyUAT9Glmktxvp94AkoIuywJKSFUmGG6ST63kRMCMTqaBcM2zvdCjFc9fED2yfL4fYqGJhG7ed0G78_w-UlOLVYMtUqEfc8FN_uSjPX-r7xFBlCDuVsyjtkTTvV6BMDeVkhEWVj5zPcGLoR0wqZE7l4byyVDH999_Fmk6keP2WH0CCmaTLUSaEEGhuaFxD3-PFFSKa0kCZ0ECywwQauKGjpUPZqFm5l3A&cid=CAQSTADUE5yma6y4OI_ojMhhCj9Cq4XYXRyiCKgtEfTqeJ3dR24H0xMr7yC3FRul5j8GFY6tye1iWb1i8pMA3dvcMPJ5DGyTEcPXc2ajA3cYAQ&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=1857037881730052400&adk=929882891&idt=117&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f06b527133a0d5ca84093527200cd85749ec816872313431d74b40f416ebcbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36149
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame 05E7 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=198000&plc=6985912&sid=18330&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 30FC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F7D9 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d6cda9d1e37c1bf18d2062b25b4a312de8aa35f79459bce17c78fd7bbfb46a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
verify.js
rtb0.doubleverify.com/ Frame 05E7 		1 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_752949229252&jsTagObjCallback=__tagObject_callback_752949229252&num=6&ctx=15911784&cmp=198000&plc=6985912&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=752949229252&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=110&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=12&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETar9EEADTbpTauTaub5h3h54g3eab_3c72hgfeg%603c22327bh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=12.50&callbackName=__verify_callback_752949229252
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3429390511f9e1aebc55091d471bd94479f31c61b455086c545dae5a9a8631c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
02/07/2023 13:18:51
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 690A 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 17:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 17:08:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 690A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxmFDh-FrvIQSx6vySoGqsCnk7re_y9tFUGsJZ-kCBPNprpFm_Tr-yHZJzrvviFFk0zGzDZmeOfrn7PMqHYr0RYElGdA&cry=1&dbm_d=AKAmf-BLF3e-k5B2CZY78_LIlKUiXnnLBX7ujBOyEWyHP8DR8bBz4CYuNi8cV8wDwcx61ijJcZthWVtcHk8dn4VNU48KnMSp8_xfnYfGNlbaagboa_TNcGvVPA1wO6yqGDfZjBm_NNu90sfO1QJqID7q2QsLhUhjh-uEfL0ELfVUTQ8OxcTFOhdlGLH5tcQok0DeVN3EnUVKOY2DCkPi6SlQc7JrgY5CwJsKJ0SR4UsaXFPxvwX8gFOkc-PJPdS6ZP4MrmZMzAlZeQp8-AjIo0JYzzBgoP0TPIoiK7xsCH1jCyy4illawqC29WX8ohRTuJNxBEQ1eHN6cOj01V3imp9VLHdfoS8dozl5SQGDgXvilqH2eyBMRlUNiI4L_tq9a_lj2f_8Cq9XPIJfXvVX-Qgl3bZYLXbQioDdmMREqWN4NHkxLlViT-H189sovLQ_eWjjB2ebXEAupaJW37iCzFrbv9IVXMy-KmPfphOlVtt-JEEYuSczXPTJzkldkPFEYUuQEd57DORK4R98Rg422RsgyO_BDFucvJCUfvAZsZv6X-ojvg4GQno-2SbBo3K0vA3asvnur9ejFG0RA0Zqfh94Lzms0knIpgtCZ2lxeE2i3Y3KH7BY7T023gHaeuoQwS9uoJrZS9sQbtun5hZ6cHJekPPF1KvhV7AsOhJDr0Fp8hUny03iu__qZFYSnkTcA7xCaIfTOH6wQlwC-ci4YIwI4jeASoyP2rqCkl24gIkj_goRpxYVgykZo0vECZRKBJOv3Hs8r_g_WQ7cqqf2ALFWh2htznC7Ms69d2iCZCDcdm7WpiwzDBt2VbKs5dhj2qYO8sik-CHYLH74FO7qmxYTCblaBwkv411_mpADAm8Q_MBoAyt3XXJM5CG7bHOHqcl1pxn4fppzR1Zn4R3nSyy6j2b9GKOaSQ7V6IWncfTBZqa4mgf30iQkxwi00PDrKvQiOLwmJ7HAd1o8taopnAdoF5f4yM-CHOUkENj_krhOURFZMG7xXFMGH6dbdLcF-TcM2fQ6rMboVMhQOv0TYU65lxtmWLkHOn3foeuMrcMHY0BE39fqEb8WRwt3bnpTzVezeAsuFnKw-NgGSOg5hD74pVfk_Hkw7jNR9YPhz2IUm86iBODnIkGHhFN1dq4GjTgXB59JfZlk6SC1vDUF41q6mQphIwS7Lh9zGzpQzR9T0EoIP2j1PB7_beSKpKJYzBgglMFyGjdYn9W67RSPFTJ-oyCCdKobnGYsTCpLUuSP6nJVovpsj_hnhuTEYyngyhL1Ecy0ruuZDpt9sJAKyLid-if9_bQccXl8MPF1BlrpkUYOm9rI86SyJhaBj_OIZlKqZHkpOTQrP-oxyMLNhMxGKuWDVCOhpzE0rdfGpsZ8ROPpksrZbiEfXtd7F9CpF3DzOwz4C7TLJy-sd4rr7W_-TMxiduNLQf0MyPZeN0gilHKQGHHtLC0G-pOCOEaORzOJ61_vxAK57E_-mMxQb8HwfWPrq4f5X6xUW9CEYlsNBCpKF0igqoxAhNFlTGGxChzA4BdKHX662mUC5y6SnHkVyuy3T1F44z9WtNkL6GdH52lzYy5-YHsQ4ItMmLeHfDygCuiHOZDRTPnNvB2H21X4jnXtQjoglJwPWfjg0mJ9u_2TBFbZFE_uNu8fq8ADF-wk9HH6ok_Ysvs69Xh4dMKFXIkRxui-16O0OTfvI2zm2Nkx8blaou-5cG3ShSMmWs4CBg9tJwnmdAVpvb0-FCi1yKAP3_B5B2-QBvTvbAv_z9xDu5R4cnxOqYcG-4kJd9pnceElsOOqFyh5AANcOQYUP77QDJoi8yK7xmgYU0aXrUyIVVQXOCX7X3yKlWC3sKkysBbUlZWb1D_u6ZrSH-MNRzkDnKrnP756sF1uedMRDhktetOVP9jJwhJ3RmllVx6NqwmOz-eRuqnSsFIJeUBsvuqekKo_Jwe8TRnAfiWPEa9azndiWs2io5tnNhmy6er-qKrY_e9CU5d9kpkR9411RWTO64qRN7VGC2m6RVzMn8UYOyFbg1zttU3Y_WXq1sHd9smNkwCiquMt2msHVxB7U-g1hrbB5w5cgo4XxLu1a9-9mN91ATA19wIVWd8tJIZpKH0CX6-wXN-AZBapHIyXYagWPeduArqIXsvo2yvjFg3FLswfF334lSu4Zhsd9T4v2-SHzau6yuzW7sXKuYICrPPx_JkNaRf0LT7Ft_-VIidK8d5conrnrMHlCN_3I65MdQODQXU1i-cWcUFqqszgYReE5mp6B2yUygkZXBb2kn_RfY-kFqggADqLo6dZ9llvIkSsemBkQHf8CK-bu_UWk6EmywYIUU8eMCd0SKErJlAfVUPtKlws94O7aFc45sep12AEuG7cmQ4wbnYCTHvQwqgbB6SE66Q8k1AhLjHF_x6JUo8PpvXqst4Oyv07HP2MVh37Xl3PYJKHaBc8Q6ws-ZKAcGnbIU20PFw68svB2VvwJlIEM5a6IcOk7HDv-G-uEhU9BS0IjRBbH26HgTQxDB5Dnr2PnYrqCTdB0Q5Bcz0Rm3NzD8qqsdIDRVnD-WG1tMVi-AbIuNG63URb6lUbg9ePvhqbLtnvJ65EcMYXuHPv7vobMMZTWzPwmurgiKzpnh3v4PPh_M9xt6X84vO5fUX9MwctQzbgrSH_Bx8juqvFMLvoskJgOmJzl9XZAs_bGH3dZ8qDEDgLv8xKAlT10Skt9Yso28ZrNWHLAvW297PJ8DFb0cawidmL6V4zVkEc90MR_Khb0eZvdUzENzq11PWLMbZPmWfR_NeFBN7KcVXTbWeT9KywzqwZKIlQPibw-23ii6icnWjMBexkDgh0TcyzXFFZb7V5NVl6wYpNte8E4nOCVu9GGuxd3bIRayHaGz_Y4MwpQdXu2BPxmgBcjP4cU45jgVs75aiyQ2djCBS9bhi1Awt3LLJPrhI_qombBz11PCKOK5LNMXU04if2taESaVFrVaVURSKp2ffoO13CduSkZiwBecYA-Dy1Uk4Zh2PUas8UwfF3_Of3vLv8LV-Upl-y3QwGi-DGhA6DEXBBAdKIujFI0lr_MZV_Z91MLcKASbSB1J4QkebBIOVtnggNOBs5X9SRGGIXUV7Sd0FhHHhHPiaVmZjAA7kG1guHs1qHi1Pvr0b8U5MqNuygqAjShYYMt1XB64tg1v1aVxDdGg9MO1wqJaLwYODLHvyUAT9Glmktxvp94AkoIuywJKSFUmGG6ST63kRMCMTqaBcM2zvdCjFc9fED2yfL4fYqGJhG7ed0G78_w-UlOLVYMtUqEfc8FN_uSjPX-r7xFBlCDuVsyjtkTTvV6BMDeVkhEWVj5zPcGLoR0wqZE7l4byyVDH999_Fmk6keP2WH0CCmaTLUSaEEGhuaFxD3-PFFSKa0kCZ0ECywwQauKGjpUPZqFm5l3A&cid=CAQSTADUE5yma6y4OI_ojMhhCj9Cq4XYXRyiCKgtEfTqeJ3dR24H0xMr7yC3FRul5j8GFY6tye1iWb1i8pMA3dvcMPJ5DGyTEcPXc2ajA3cYAQ&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=1857037881730052400&adk=929882891&idt=117&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 690A 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxmFDh-FrvIQSx6vySoGqsCnk7re_y9tFUGsJZ-kCBPNprpFm_Tr-yHZJzrvviFFk0zGzDZmeOfrn7PMqHYr0RYElGdA&cry=1&dbm_d=AKAmf-BLF3e-k5B2CZY78_LIlKUiXnnLBX7ujBOyEWyHP8DR8bBz4CYuNi8cV8wDwcx61ijJcZthWVtcHk8dn4VNU48KnMSp8_xfnYfGNlbaagboa_TNcGvVPA1wO6yqGDfZjBm_NNu90sfO1QJqID7q2QsLhUhjh-uEfL0ELfVUTQ8OxcTFOhdlGLH5tcQok0DeVN3EnUVKOY2DCkPi6SlQc7JrgY5CwJsKJ0SR4UsaXFPxvwX8gFOkc-PJPdS6ZP4MrmZMzAlZeQp8-AjIo0JYzzBgoP0TPIoiK7xsCH1jCyy4illawqC29WX8ohRTuJNxBEQ1eHN6cOj01V3imp9VLHdfoS8dozl5SQGDgXvilqH2eyBMRlUNiI4L_tq9a_lj2f_8Cq9XPIJfXvVX-Qgl3bZYLXbQioDdmMREqWN4NHkxLlViT-H189sovLQ_eWjjB2ebXEAupaJW37iCzFrbv9IVXMy-KmPfphOlVtt-JEEYuSczXPTJzkldkPFEYUuQEd57DORK4R98Rg422RsgyO_BDFucvJCUfvAZsZv6X-ojvg4GQno-2SbBo3K0vA3asvnur9ejFG0RA0Zqfh94Lzms0knIpgtCZ2lxeE2i3Y3KH7BY7T023gHaeuoQwS9uoJrZS9sQbtun5hZ6cHJekPPF1KvhV7AsOhJDr0Fp8hUny03iu__qZFYSnkTcA7xCaIfTOH6wQlwC-ci4YIwI4jeASoyP2rqCkl24gIkj_goRpxYVgykZo0vECZRKBJOv3Hs8r_g_WQ7cqqf2ALFWh2htznC7Ms69d2iCZCDcdm7WpiwzDBt2VbKs5dhj2qYO8sik-CHYLH74FO7qmxYTCblaBwkv411_mpADAm8Q_MBoAyt3XXJM5CG7bHOHqcl1pxn4fppzR1Zn4R3nSyy6j2b9GKOaSQ7V6IWncfTBZqa4mgf30iQkxwi00PDrKvQiOLwmJ7HAd1o8taopnAdoF5f4yM-CHOUkENj_krhOURFZMG7xXFMGH6dbdLcF-TcM2fQ6rMboVMhQOv0TYU65lxtmWLkHOn3foeuMrcMHY0BE39fqEb8WRwt3bnpTzVezeAsuFnKw-NgGSOg5hD74pVfk_Hkw7jNR9YPhz2IUm86iBODnIkGHhFN1dq4GjTgXB59JfZlk6SC1vDUF41q6mQphIwS7Lh9zGzpQzR9T0EoIP2j1PB7_beSKpKJYzBgglMFyGjdYn9W67RSPFTJ-oyCCdKobnGYsTCpLUuSP6nJVovpsj_hnhuTEYyngyhL1Ecy0ruuZDpt9sJAKyLid-if9_bQccXl8MPF1BlrpkUYOm9rI86SyJhaBj_OIZlKqZHkpOTQrP-oxyMLNhMxGKuWDVCOhpzE0rdfGpsZ8ROPpksrZbiEfXtd7F9CpF3DzOwz4C7TLJy-sd4rr7W_-TMxiduNLQf0MyPZeN0gilHKQGHHtLC0G-pOCOEaORzOJ61_vxAK57E_-mMxQb8HwfWPrq4f5X6xUW9CEYlsNBCpKF0igqoxAhNFlTGGxChzA4BdKHX662mUC5y6SnHkVyuy3T1F44z9WtNkL6GdH52lzYy5-YHsQ4ItMmLeHfDygCuiHOZDRTPnNvB2H21X4jnXtQjoglJwPWfjg0mJ9u_2TBFbZFE_uNu8fq8ADF-wk9HH6ok_Ysvs69Xh4dMKFXIkRxui-16O0OTfvI2zm2Nkx8blaou-5cG3ShSMmWs4CBg9tJwnmdAVpvb0-FCi1yKAP3_B5B2-QBvTvbAv_z9xDu5R4cnxOqYcG-4kJd9pnceElsOOqFyh5AANcOQYUP77QDJoi8yK7xmgYU0aXrUyIVVQXOCX7X3yKlWC3sKkysBbUlZWb1D_u6ZrSH-MNRzkDnKrnP756sF1uedMRDhktetOVP9jJwhJ3RmllVx6NqwmOz-eRuqnSsFIJeUBsvuqekKo_Jwe8TRnAfiWPEa9azndiWs2io5tnNhmy6er-qKrY_e9CU5d9kpkR9411RWTO64qRN7VGC2m6RVzMn8UYOyFbg1zttU3Y_WXq1sHd9smNkwCiquMt2msHVxB7U-g1hrbB5w5cgo4XxLu1a9-9mN91ATA19wIVWd8tJIZpKH0CX6-wXN-AZBapHIyXYagWPeduArqIXsvo2yvjFg3FLswfF334lSu4Zhsd9T4v2-SHzau6yuzW7sXKuYICrPPx_JkNaRf0LT7Ft_-VIidK8d5conrnrMHlCN_3I65MdQODQXU1i-cWcUFqqszgYReE5mp6B2yUygkZXBb2kn_RfY-kFqggADqLo6dZ9llvIkSsemBkQHf8CK-bu_UWk6EmywYIUU8eMCd0SKErJlAfVUPtKlws94O7aFc45sep12AEuG7cmQ4wbnYCTHvQwqgbB6SE66Q8k1AhLjHF_x6JUo8PpvXqst4Oyv07HP2MVh37Xl3PYJKHaBc8Q6ws-ZKAcGnbIU20PFw68svB2VvwJlIEM5a6IcOk7HDv-G-uEhU9BS0IjRBbH26HgTQxDB5Dnr2PnYrqCTdB0Q5Bcz0Rm3NzD8qqsdIDRVnD-WG1tMVi-AbIuNG63URb6lUbg9ePvhqbLtnvJ65EcMYXuHPv7vobMMZTWzPwmurgiKzpnh3v4PPh_M9xt6X84vO5fUX9MwctQzbgrSH_Bx8juqvFMLvoskJgOmJzl9XZAs_bGH3dZ8qDEDgLv8xKAlT10Skt9Yso28ZrNWHLAvW297PJ8DFb0cawidmL6V4zVkEc90MR_Khb0eZvdUzENzq11PWLMbZPmWfR_NeFBN7KcVXTbWeT9KywzqwZKIlQPibw-23ii6icnWjMBexkDgh0TcyzXFFZb7V5NVl6wYpNte8E4nOCVu9GGuxd3bIRayHaGz_Y4MwpQdXu2BPxmgBcjP4cU45jgVs75aiyQ2djCBS9bhi1Awt3LLJPrhI_qombBz11PCKOK5LNMXU04if2taESaVFrVaVURSKp2ffoO13CduSkZiwBecYA-Dy1Uk4Zh2PUas8UwfF3_Of3vLv8LV-Upl-y3QwGi-DGhA6DEXBBAdKIujFI0lr_MZV_Z91MLcKASbSB1J4QkebBIOVtnggNOBs5X9SRGGIXUV7Sd0FhHHhHPiaVmZjAA7kG1guHs1qHi1Pvr0b8U5MqNuygqAjShYYMt1XB64tg1v1aVxDdGg9MO1wqJaLwYODLHvyUAT9Glmktxvp94AkoIuywJKSFUmGG6ST63kRMCMTqaBcM2zvdCjFc9fED2yfL4fYqGJhG7ed0G78_w-UlOLVYMtUqEfc8FN_uSjPX-r7xFBlCDuVsyjtkTTvV6BMDeVkhEWVj5zPcGLoR0wqZE7l4byyVDH999_Fmk6keP2WH0CCmaTLUSaEEGhuaFxD3-PFFSKa0kCZ0ECywwQauKGjpUPZqFm5l3A&cid=CAQSTADUE5yma6y4OI_ojMhhCj9Cq4XYXRyiCKgtEfTqeJ3dR24H0xMr7yC3FRul5j8GFY6tye1iWb1i8pMA3dvcMPJ5DGyTEcPXc2ajA3cYAQ&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=1857037881730052400&adk=929882891&idt=117&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 943C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D693 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 2064 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ldvp5ura&c=624899800626&slotId=312449900313&qqid=CKP4mteBhv0CFYnQdwodhaoMFA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2064 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options
nosniff
age
52146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 22:49:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2064 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options
nosniff
age
178195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Feb 2024 11:48:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2064 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CbkqoOqHjY6PzHYmh3wOF1bKgAeOLm9NunpPKsIUR8C4QASDWzrdOYJXikIKgB8gBBakCKtx0aBMBsj6oAwHIA5sEqgT3AU_QSim9aQk5htP2TPcmUP_h6bt98oZdod_8XdZhpFzkKteSh1bir97_pSizoRj_9UKCpTNlHNoBZ0QAUCMwCpsApPKNx_gr-UGY6OwqBh4cQ-iEuVGWi3eBuebEWKQOhRtcS9OBhFRvx412PpFodBqljusktDokvvH25zVK5ng_RHszI_g6lDwH89ecT6RpJF0pr75kwaD7nbTPx7YB-CWwKDACyGiMPl0R6L-IT_XGjd_gSyHvqheGed0Gdw2gx_Rcy78sItP2K6C6WAQv4AsxPiXzH7PTZUKJBJEQHUrWB9Vt4A6QrOka6z_nrdfjNJvTouJpQXrABITM2NidBOAEA5AGAaAGToAH9-LYoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgOYCwHICwGADAGwE9XxgBLIE56E1uED0BMA2BMKiBQB2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1675862331389&ai=CbkqoOqHjY6PzHYmh3wOF1bKgAeOLm9NunpPKsIUR8C4QASDWzrdOYJXikIKgB8gBBakCKtx0aBMBsj6oAwHIA5sEqgT3AU_QSim9aQk5htP2TPcmUP_h6bt98oZdod_8XdZhpFzkKteSh1bir97_pSizoRj_9UKCpTNlHNoBZ0QAUCMwCpsApPKNx_gr-UGY6OwqBh4cQ-iEuVGWi3eBuebEWKQOhRtcS9OBhFRvx412PpFodBqljusktDokvvH25zVK5ng_RHszI_g6lDwH89ecT6RpJF0pr75kwaD7nbTPx7YB-CWwKDACyGiMPl0R6L-IT_XGjd_gSyHvqheGed0Gdw2gx_Rcy78sItP2K6C6WAQv4AsxPiXzH7PTZUKJBJEQHUrWB9Vt4A6QrOka6z_nrdfjNJvTouJpQXrABITM2NidBOAEA5AGAaAGToAH9-LYoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgEDyCBthZHgtc3Vic3luLTMwNDg3MTMxOTcyNTM4NTGACgOYCwHICwGADAGwE9XxgBLIE56E1uED0BMA2BMKiBQB2BQB0BUB-BYBgBcB
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2064 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ldvp5urj&c=624899800626&slotId=312449900313&qqid=CKP4mteBhv0CFYnQdwodhaoMFA&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 2064 		31 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CZm4pZuCc84Q628PyxLeu6BgdzaZHfDjAm9VHRqXruea8LDLmjmbWOYVrnTuEY9e45X64lbpqldWqBRcdctOczMQUl8A&cry=1&dbm_d=AKAmf-C7SI1z7K5rip2eKw2m_ueTb0O-e2btZrT0OmaCwU9ozhtWITa5NU_fEo-MT04Knf0xNHY6MZMNo2a37FLteIvMCnoYyrQLSvv5OV88Tm5RE5QG3Rw4JtzvNbSk6c9OhNgdlK9wBuSmWFEqAbmUrCklXtzPH0Wwagf-inGvuTf7jIt3YlvPty8Rk9VMAtPRMG3dj-FMDh1FcUNcm1XQjtu5GM8ZzrfwW3yTOrLFgrJROcrWlYhd_5Yb_joHDdvzsH1EEw5FEO4rdd1Eaw_Pge_Nz0IAI2Egw0K26IZDC0slnl9lCrlOF2OHbUbKhTZxxRzcSfqMPMxa0VbnVHioincHDRK4UkNu9RpNsxJjAxcFb8byQj2twCpYPcXY0vAgTFQ76cumsLI37fNb16xfDjzIqcGhCBbEWu-ZdLEJkuHz-bI-L-ayM0AFpz17sR-Lqxj24DBFRTXnKk_TXj4lAPfYEF_wKhHfKHEood0E-bKeqaa5PW_pFuKJtDhKswvUIwcAcqaPY62mkj1dhiK6euauUPM4lfBpWSz3h3heBJDKCkZN3YOkAR5F0llxZO54Pw9BrDoMEKb_vRp_9NKpoR-QjWJH17aGBi0S10uqx0Ym3IFmytj18HbvSeipJedYDXVRRpHMQZn_79gOV72arIsnVY5C5pNmjPuYmgO-ebMHWDSdueks72nM5qWEm02xm7Ig5CNd_WVMghGX6FHbZ1oameB643Bhmixpe-mLMcTjeSd9xLK5WauFAV1H9FDL8PWnKGkHw0q34w6PzgemaXJBk6ZKZEIeeaId4LgKZ9Bwv7W7BcDbFoKjTQJX3W579JJphUQpGYLqMN20WqquoebDD24-_uQdVXAAvGcYdZPKt5JkHVNZ1UfchwzClrupISri-cBAxsDHovxsKyMWzOrwKfs9TaDwmRrMw1MpyZ9-JRtqWlvVLlYdbMnmmXb5EzugdaUWclEkHnSnDXwje1_3sinjN-fKh93bJZYuJbPFI2mABOrTMR7ga6nFLc9rQvg1XKH_0P5fexYD3P2Cw1sI4nXpUmwE82cQSLzXZDWU1Qrdshv98WftA-Osfu0xl5Rrv0vfXv7RtI4sGSZpFyCPQpDpDnERwMcIrGyzrbVRCM_bU5Zn7uFMmqrJoPpB1ApHo_idDidTjj3tgwV_uBQZDGdCn1LW2qSzCoILts5u_FymTYAGFxpes2Dp0rGUNXozWgrvuTgTwWKxZ-EZVckfEwnE986FEHjpszXTovOLD1vBjqsYlaYi9KseO8f_rm_Aj4LWq8b7O7ZatW9aKDvTZ3LqcwzylFrOgr4v9mjxyRihLqRZiUtZw3Wce5KDG5BI1VySxLgUmwxB1E9GZpVInHBJWspsPY-3YC1Nn-tA6v9DK8ju5BkmLAACEV102Zt6lXfBPUKFzyr54OEtJQu8NcZzOsX4p4vbDZk32kVqwymbwjQt-CWaTsqCGB-1oNNOahDkhDhEcgDNaqWuqC6YPSgQwPi_R-9sJqlMnTc_qqwCQC-F9hQ4U7BRPeXYz7-lvFGzYagKhcyPlONW_yb5vX01TJdFgZ9FFG4LXh6O5WYOmlH9VGJ4-Nyw-CM8tU_lMMEBHH8Z3DeL9EvNj5-gfGi8ciGoJLwMLIFhJ4U-KjhxTjr7R9U5lgIUaMw2FueoQ-V0GeMLeuwn-y9P5O9SQruqHoK3nx5ne-HkupKnH12iOUV1Tuc9qZNN9RpvUXVe9BOzQHwEE8-cYRbcvxKtif7obGqpAv6aNB6NigPOcj8Ux5sq9ZyGXWgbHkUaUkvcIZVxEf_SqGDGcjD0B-Nkabk6-y_QN9w54pfnLXEW1NHZyl1d-gp9qxtmrv3j7nrrCT4RGlKEQDbXKAT0EJVBMkNIuHu42KXxrUpLk40Z7NvGaoUEc8i7YFqosxCVchntJXS8YHkhKquc1fEMjo5SuiAwmWp4pC2drDgAzPXoZ8dc9VAdy4FTlcOKTJVW4Ygudm2hwqI-aKmFoqlxVxCW1bg_GWoK168B1HYqrkFl-ZkGgqoOgpqRxh6xaKOTOjIG7clsIPHG0wp7W9BCq2hbqbpbnNc68sQbQO8_ikuilK2cqrADkysgXmQHOnqDlC0TX8Y_eOAHx0v4mzZuRq7fdCVerBhEP3Hb-J1cPKSKf70Y-tcqMDfHNtXoppcfjlrPSPYZf2qLcGU4UKYM9Bm9A0e8hyRRqntEOpBipHKGGY6eZLEc87nDRcD-3TG3kSMouqew2TD1JWkATtswtqq0735AKPBqzxVsozrZnSdVHq5iUNVPlycw9fGcDOuG5U5L-HBPlBiMJ9jyBr_lC1613s5_sR5NxexlUaFx9wlu0QNKE6pY_Cu4AA1fjT4LHc0bUUDCxpmQHiVHvKN3LUjbyNkA8-ewPvFd4FpVVyej8QwIfywqi5HNayrt-LqL1K-b4ZRyA4BBA3ofAkZo10nnvP90IcEc7StE6DlHKpMbVjLMjmZi7zaHgi7j8zK7clwxYYMP9BIsamBp2s65Si770Fo-BRIgESYYpEP7dblVeYZP3PWGm6Iq_mmhhm6xHtElbjt4OkXGBeIviTlebZT1Ga3_mmv6xER8RxwMrA14l83PWbXZlHuKRx9vQ4lddSlnSfa-96dZWr8J2wGIjIyPcD8U35qbUDtU-MTL_J-t2Tdwc55YGiK_He4nYL0nKOoHZ3nhrLqQoQkC_q4fRIXqH23gngWpk_zfH6YatcpnlcyqRATa-civDChfOYc0uV5lHnY9HYTgPnB00TUnHn4qwB5OR2_sGW2Z4W0_1yGfev_9AMe7BHgTrfp0JZXi_EjI-QC_RzRX35yxA49NHsPepfOI0ut33Pj-ugPJrq4gkPhPsO-8AHci2y0vmb9hDe3jMnY7JhwLLlWSEb2VpfaTceijpsY7jzJ-6Za0djWdwswgmqiD3-wTcC1yHQUHjgIIO0oG1cv6ZKD_EPDyYU8T06dtxoVQngl19Vmuy4B4AgIo4UmUTOQc-h-3JR-Gol6jN9czzIc0aEzQ3tFP3uxyT8DrTIH5vsh3ZHnOMHRY6rRvO86huSURGTkpLbuVB0Hh2YbzDF0HGk_NmhL-jXJyq_Jmu_9ynM17DmEZTBl9i7LpTsDpu20QJPEY2ib_aiTsxPKGTK5f8pv0yWMl5NNh2UR7bpc7WzAhepmMFsFy75vyrH2UbwEiKKdqqAzDVNfuYenyiZeThR12k3XM_xtsgptZ2Fzsm2mFwnY5_ctItQd9RQexXufvohvXSh4ZudD_MfPM7uniofU9ZYZw4Y2NPqy162yINnb5V9nzJ_VhBBWA0tBZChZEHlWwmt2MOvxQKNVRPbKc7QgqE8NgnNL6-4y9Da_OviR4WGSyRjJ_0650VMbWHiq330DKpTRGenFf-1Apb3Me0A10KCMZ6K16YfVVsUJzqewtJIqj9RL5ZDg_JnJzIBpSHKnbT5imcpdJS3GFyqpQYhJC-S4Td5miuJtS_dWk_yR5ghnmRShi-ZwxrenYASW984BF_ni_aKhmM5zQCYcQUZWsU2mf6WB5kRVr7c5RMhJWN9bt3pdenfx0f4NXdet-SdFGhc2iWNKp2WGe&cid=CAQSSwDUE5ymkCU3eEtfuzfo02A_xYsoBZvCvF6IgBxAyCNA_b6V_FER4Vp95T3SM75B_CgScaO76ucFKORkHxD0hs0BYyq2ueJZbJFXrRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f155.1e100.net
Software
cafe /
Resource Hash
101bbafebbf92ce1daa2e013786964abf0a1bcfc80e1fbbbbcb72db6bb2d118f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16499
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2064 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CaMcLOqHjY6PzHYmh3wOF1bKgAeOLm9NunpPKsIUR8C4QASDWzrdOYJXikIKgB8gBBakCKtx0aBMBsj6oAwGqBPQBT9BKKb1pCTmG0_ZM9yZQ_-Hpu33yhl2h3_xd1mGkXOQq15KHVuKv3v-lKLOhGP_1QoKlM2Uc2gFnRABQIzAKmwCk8o3H-Cv5QZjo7CoGHhxD6IS5UZaLd4G55sRYpA6FG1xL04GEVG_HjXY-kWh0GqWO6yS0OiS-8fbnNUrmeD9EezMj-DqUPAfz15xPpGkkXSmvvmTBoPudtM_HtgH4JbAoMALIaIw-XRHov4hP9caN3-BLIe-qF4Z5hQflwzNdic5DPasOfHF0ZVhU_s2aqsNHhClKkNnGSKAcaMjnRizHIETOFh8oA2NK7xGE-_u-LEyOTcAEhMzY2J0E4AQDiAXivtD6SJIFBggbEAMYA5IFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAH9-LYoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCL_hEYoqnx3gHSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzA0ODcxMzE5NzI1Mzg1MYAKA8gLAbAT1fGAEsgTnoTW4QPQEwDYEwqIFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=54fyxY6pH_Q&uach_m=[UACH]&cid=CAQSSwDUE5ymkCU3eEtfuzfo02A_xYsoBZvCvF6IgBxAyCNA_b6V_FER4Vp95T3SM75B_CgScaO76ucFKORkHxD0hs0BYyq2ueJZbJFXrRgB&vt=10
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame F7D9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsseqT1nZ2NdtUTJ3JaWMLJyLsjcvoHYct2lDQRkjqINalzl4MNfARLzzL--M04-zJJGsj-svvFP8nihc_qmpES7Ce0I_sYjdQJCVggI5RwgJ1vsOYhMc9mD-ELaKpHBYZ948SsdmX3v7qAWIjglrgPwmTWgE_C1plHYo9MBg5vv-XkRtlRSutOCSGiCvpmk2ZwQwxp0xRM_PS8Bn5hKzqnFnL3deTpymbDdal3sAGad6ChMv-7t7B7hDIk_UDVRjo5Xtd8M6MTeUjpuuHSWhYXbeOw_l5ifWYWecdQDMgU9iUWATufDbjHYmjh2on00ZN92k8x5mMaqvkqQFD03zqcj9i55HzC_Ngo391SoUlzQVBcDFP428RDYDrLpV5mRjjR2JnPWONU0Uj1yn2fL_MAD_JRVGS5HYFcQW63WuQFyS07kcEVBTzLD_EV-4NhejWp3fsq8eWwn-EEQPsqhVXEnlj3PTAH-iyN9VKf-y5WHRnwHnGjD3vdjhp-ZEG5WXeqB9qZDIsNLrGgwcxt9oTK1enrsaOzlVjSx0zc-QRCs5-q87H5olm6yBzyOU-oD9KPyFWa6eArf18b6pLmxgyf8SEjHhI_Q8Ga64rEQ7fWQ2jsNxnWqiiKK7CNndmytc_jUaxrCx4PCKX0ML5RP7oKNJPViYAtfO0tg5ikyIMdl80FnM38NoQifsxOn4UYmSfGZu1-jM3k2YvuPQb3jGnmkn96QtRIISGhbRM6n80UJjnLBVDDgkuz3kFZqYTjLITM81TPtFAHEWyT7lUzCn9vEN4C9NkK1QNtFog7zXjRBPGvMisEUT04WAQh7HW1_G2yZ0243YfWD457Tjx-DVvz43tltwlM9Quxh7H60dtf34XEMeU_7t-AejZz0vz4t6SVZC4ixZhJBtfl6wGtPPvt50rBBxryAL74H8zkLXzmwDUhLEzvlAhfxaUvOVSsm3cKCU-iXsjrWyk_V2y-wEezG5jt5wO3mSNVV3jjJ-082shB294oCAyD8Co-vxa3mZmFs852S7EfhDwazgcW9-Pv1lmZb2KoUF58PwdTE1lLYHt7Ig06UhjtEYumkGusZH4LI2its8WEnGaR_ocd2xQJHzt4DhPm1FhbqjTU1gJqcl_-_0BAzWuCqArRI5SySTRd6UiDlIMwq3jq2kxvDjMeZF6vstGqhmMzJd0BHAg9-iT2PzrmVUHrhNpIqDOa_2mEwqrONKeRNXqwevuZQBE0nIZYGf87YQdT0aZ6pfArgFeX6_YBAu-YAlV5-rkMihUUWnjLLk11NdWydivigHHqfIqyARWhHI3INutHP8mGULbDgzone0ngkWylS2vh5Y2m-OpfyPgOfTyR-0hzpuph3FSa56eT72MkDcmyXrurZbLhjC7-g1C337Ei6o-MxfsFkPlRwXaNINHUS1bCkQymJKA&sai=AMfl-YS4vdO2D-DSTwQNg-O3qpt3_Z9IR3_nG042JOcNq5VVTfE8cwUg6ot8PYvXFbNxEVor3zwzQawyWfFTfR-RMuwpZ7SIv79TwblNy2GWMDug-0zljmXXJ_nI8SQOZjUANgPmVPsFuG_sTrJ6yJTNMn29vsyhFA78UtqPn0Jo32c7vDLaOsQ63QzkIjfSJute9efRrGO9gJuKKddXPR86pvo6Dm60zufo3ZFYiL1xlahERqqQ0D1K5PYzFEaemlWAyGv_ebJO12hfrOwF6zdebGFs0xrZcyqJ&sig=Cg0ArKJSzFxw064kpgCqEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=326&dett=2&cstd=0&cisv=r20230206.65251&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ADxabFiM8IthWvMZ3rsUE-GiEzfI-hOesrVoWGWG_ka8udDr87KNGB7SgUGvNKF6Zi2Ykb7pzNflNQ9RPoBX1k1FArZw&cry=1&dbm_d=AKAmf-DKrvn_KdPSCMF3KBwY3VbKQzktZCkjPt_THsSrVygSOE6RufeKSlApu4uATx2yk6j7D0o2TxEzLD6Pj8qGJ8inEYOvivG0eZZ6Kdmrj-KXkhaVplSOf0qFWwqUqiUUnDRiASm7ImN_3Wx0-DqUjKpxXybLhF5CHXgxIwhUGXj6ZVINQc-sYvJA1SkWICiV_8uwckVgkMlP6He95w5oEWJvGHBOOWjhIDMbmCQkyGLdCmDfheM0LYa4EW20JRWMnNfzMoo3k3GwdHZ05Mz7_kgaUItRoiG34oa3pbGsxF4zSY1IhsCm2Cvxrzi0ojqZDCcY6cLhUIWp9ChKvBxFGDrrEs_FLgh_cwafODC-9_t4tzv_rL65ud73dd5SNjW4zuy84yNdUOMbQltdyuV5HRnIaX7VRwYcHkzCrJkdZDvFhTWAUSzUivirXQLN6EFjqzHOzLCl94HHWi3RcL3SzUZ-_-K4IMlQjM2n-6AtrNOD-HzwcECzE84eRwUZHLRoYia_Hru5S4-DbBvwFLvf-Seh751znC9d5jMbdd2JnHPxCLj-ZOca0rf6sD1VnwYsneqFVzXSuUm1DvX7wb-9aupag7ul5ARPq5wU2hicQiV_SZq7YyW5fk_zyTbQdMTPN2Ovnkd9YWcoKd5roi7MoiyTtEHbrWM9uEfn-Nwlouv9cjlizMMOkeEAhCUKvkIbs0I7m0bucHf642ZFGNZGcDvfMhYQoWvfpSEO1hTCtVUxSHH5RjqqKSQcoAik4CEv6GCCQMKO2963ywv8MOLO78y7kB67ZFv5rdLg5CBBrUQ7CVOC6PyAU-uHz8V43Fb2DbRWDB5odRwmjiXxSA3B6e6hcpm6MRmlWMotdkfL60eaFWlHbZlyViOld3xju9NhFRqPpVAIlmPM_PQ5GNyr_qkv-xMQJhKPmDtHeYN2ODv5kdi62o-DNzmqtgZ7fMdZLtjKYLR9Uw627BoL-9dm7cbFfyR4htMO3vEQmsbeLk10ozktd7_DR1nHTH2o_5N4jSN2kwSMEiEC2TuA_xLwjc_NxY6W5lEmyeqGzkTpff50xTAT6lcQTp5f0UxYzoF7k9MJRri05oFlKXI3VgFac8Gug7QzcXc654lXiOeLqh0pK-uNeqQSzlnniQ3ZAqx5xb4vm34jXdho0IgbFk3qXACkY_SKUho0PsAd4YNyIfwnMclWtCObz-ABfZMY-yfJscbuga930sUTsshDl5WaG3pjPP0cHftPZ57DvnBB8_3cVxmWh_9oDtl5IN4Cpci0kMNxpwjBkSIOPjmSdQlnx-gXtazjUakAC0boonAOOjcdcSb_9OGCJBHaD3VAUHuGh-ipzz0YQfZ227Ye4Ggdoj5fzsY1uRGjXAeMgMyBNafkCnhHnryNin9Egm2pzTpWMgKGDCxfyCf-cTFAn7xz-_Vt90fEJwPQm4pAqGGj-utRzFraM5wNko4EeTsrGc5YJCuoKC8Jkwm9Z4AaMNkko-2-xOoVneLC338_19dWWq_WpYjrjfxYIAjDt_Gai6MwPOzuW4MOrZeLEmhsYl0RFFSqd0MANBUcwiFGsnS4bjVStx3uLjTLKSb3FibKFAvI0SBIoGcuNh48du2CzKf0VIPqerUCTcUfkEl6ofZOX2AL7ZTKfT53oLtm45QKRYC89iR8ylxGK8I2d0P2OWkM3nvm3BBScWu3h9HSeAhfT1CFIoyuHOAi4FpeIdvcFWEadse4NTZts5klx84YpZfyoIF1-iQEiUcLYiGMYhgovvroC-lsaTEfSA6jqkw5SyZdSIVokMQWqplfp5IXvQrZ1Al9mHtnV06B6hYTfNXKdfnKGbL5ArC9-bjCSWppmT3hiWSrQzsWBwE5-YKinqUzxWshKnrJi3pmvsP9NbkqGYJ6QpB3rrUobC9DKXcgipb8fhSjUfO7Ay32xx_zz8HJm8UhDFnPjmZhW71aVLgimkYqisWcCKmXTAoIYR6VwGYKaljOwjcp_xtPPH5-3T0nwRm1Uu7yn5EAtJYvPaq63ea8k9fgj6sWGWYedJXapPonEXQ5a80-KK-dDOb4DpnAqQTJoxc0424Y0TQ8ormLGvdoBUTroJkGuVr-AK1GhG7QNcsL7YtLFYFK893cvAKkA9-OAIkoJTmI6ebwvtiMbbOZZkpo-PjV886wjx8-kRC8VCDPrf107lPbkiZdN7QMX89HAE98mRJ1c0nZ74TPcB9xrxdKNzoBXOb3PkB0_8qoIauY083__ICNlvmjC1wCYPguzjJA9AcD4l5SViWcTTuS_-VPdFwW5hv5QYc9RL4hgyefc3f0Hz-PG-D0rgXU27TtV9EJBrJm_pqNVVId_pR5Gsm-bXDSRrcU0gwtuaINFj3dgKdIIArZXK7SwLt1XO3MN0wDazYt9aOgu6DDYXGpZmi8zO8UZHDI0mIBEetAxbdlb0KuuGAwUKZBCpk8HyHOCkxGQyUgBZoG1eRFrp1Tsw3LeeWpYtMUtkuIgze8wEZbGeg77y_8UCcS9Va86cRAX3Er2m6QxQLjRZWPMK6_sCWj76lWOy8AXVVtTa4doqVamAavdg2dv7fo0jgETpXnRSTeJnf_g6pRdNtPEVjUniCzHfIII77vcRSfyOqw1iHPeZ3N0AfG3_n6Ysi6r8QO1M6XyYOGoS-DC09YhAd4PwuLsV8IXBs7kl0dr21GiJnAlkclpotpj0TlXTs0gKpnfgDEO4d3rR-X4-SFE_1ZIPDHHS1ga2POX6TrVPxHH-OKdbKmc8XSFnWATEmRI98u58CE6WEzcI6L7KCuXU7QwJqfDMvbVlsFVUNs-c-Dx5b5emqSEp6IX-6FwlYqYq709FPA7r_Cnzo4EgnakMt78mWrQo0Y1_QSwxMNTbwXiBM9B4sdpofc8oZj3FumOM5CR4IDC8TjoYIyC4nByxf5iKuI2LGXjhFztS_l9PXxbf_cdO4d1lOoCDGgFEb-80XQ7z5qTbGTHmUPg6du3MwA-_jS_KZ-D_qOQ-XGDG7cKqPBuzy-uKi3NGCSeY9eOnNW33bENqh71FgCNikbK6AdfLl9e7NOd6XEHDGIlvuT8u4Gei0Me9WYN7qOYrWXXKk_eiU2vQ2jvHuMT23zVfrx5SzJT0KKSn68mRDQTUzsT7MlwoQqM44fhn2KvIwX8sO506CCjxo8ijMUmuxXy8B6C7UG6B9Xy0vqj6TmdSTv-rqVmWY10VZsvAERvDdrVjuBQY_KSzmJP6VkRVHtGKXwIKNbhW1HBd8yCha2mexDGi7NfGHAvghBKfUPrkrLf5v2hBuJkkXSCzmWgxFLYRjyFpW5VX6ZrxisAshu4Alxq3Yy34NkpsLjckcPIcInKHSB59Zt5n6ulUsEPeYEpchWGaZu-Q4M7Z6yB5-9pAZRDrvYkhogMHkZwokzufKLG-05yokBbDfVTIlv7Bx1RZ_V7Wir7ogzLalIvc4hc8dRpOXn4tUb6M2tZT9MSRPeiBcyebYu3ZQzdeQ8f593Gxz6yt0JB3QcSmXZpqqgujWt4pvBUCk3zM1eiMsuknYk0Oo66FmIlQgVFmIhavKWtPAbVK1hdSHRBZCpo0oeVu0-eZ4P1IvHLV0eNlpFQ9OQHw8VUlJXVWEk-yi3SYk0f03ATB4wgXJ3wMkvOxs2gSRmA9Xp4ZhM1UtALpfLoIRGvcJMaAC3-Q&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3089678854757187000&adk=250412560&idt=182&cac=0&dtd=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:51 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 30FC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 690A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
truncated
/ Frame 690A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31fba942fdc24deaafead30a2a45d52a2f4618b0cb54ce4b8ead3ccaa75fc826

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2064 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5509d811f201859d1668253c3488ec74d3b24d28fd9f6a3f42e9c612763ce443

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0956 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 943C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A8gYMIYxl_B9b-RganuRokIrHks20ECkPqHoZgtKM-ZOA7kZounyd8qQBguG9JMU50A535wWFIgJ40D4sLMgzeLK27IAA_V-osqNdSiYV8l34kpPM
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3275671535494826469&x=1&ct=76
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 943C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 943C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 943C 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:51 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 85F9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/992376486397695907/1674512274070/ Frame CD99 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f13db56f0224b155c3bea9632dee053ecaf5144637a577d9e7ae82bc777e95b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1594
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:51 GMT
expires
Thu, 08 Feb 2024 13:18:51 GMT
last-modified
Mon, 23 Jan 2023 22:18:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 690A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKDOWYRxSvfAaLEB9dlPC5ahdhtz8MJ0X5fKshA6ckNXiAWTUfeC98BPkQNpfnd79LSPsE677FAtcYSb4N87yzHayLHClvC7-b18p30qcfD1u1LqtF9c-kNh6RMtUoe1dvgDFs6MjJvQaqXkJboxI3QJnlhcCWfUy6O0GXJ6_XbUIpmvEPq6ZygLfZiFAxY1nrocJRZhFs3Qe0hiW9QqPvGqcYFtU3gpmF63GF5St2Dkq1WboojtMuks82FvyJ9kzK_ixoyyC5RVfdKKT2WKy3yl105DKYEZy5COBTMvYHrPUv9TX2pM-fTVudrci4Nb0VqyEqTMAKG7gWUW5thnnPzW2GbxwwDy-czYOZmwt7PI7skrOEsIIrkhbWAVojT7BGKpvHIWVpduATwZXdw9DvlLwfSpsd6ihfumm9fyfm7hu-UpP8j9LrwslLcDvx-qSBB9Wbhf0VxU95gkz5EePYM6tbPukVRFYPILrr5VoDK0boMD3LzF-9ulTZUPW0WsmZ6J_Sc4r6JiC5FRGynItOQ-BdUXck3VbtnKTqePe_GYUtq_MmDxkFEkgD7kPEvdo_5cuq7AVjwLH48FUfqSzLe6ftEKkwx64AnFegs_wOk-UrIz4OUqsBsJ92DIQkccRFkJOmn2Q34lMQPhSxWd-SNx6ce4Fgcw0fMKUYW7s0Q7orj2cmqbd5mmMU0x4sipulYU1hVeaeP6RB4WnuO04o-rv_u_ecH-sHrR5nN1Piu0UNHW5Gsn1CNQOoQCYrvAJBVFDSEfATOVSzyQv1bz3Wfjnf_bNm0YTWlB-jVAmew9bnyCJTGLXe7GxWj6UA7lk_RCbgrN-ctlwRh-5WVJEZw_VuQuLLjsM2OmYksR-fzUDx6skYjnVHj140u4j1Txcx-socJ6bW1yy1vfy4_bxnFmBUArT94I-h52mA7GSeGUvpV9K39yWtBp73Of1oPyTGy6-kpWpzy6HHX3k4WBdMWNg5rvoTMedUwFAeANKAXdKDpLNE98ZLVqvx5SzAvOOKcfvrzq3FHPdtnEqf7P1zXSgnWpHyndFF01SnCECnv2LPE03zt1FvRYsv1x_WLQJjwc_TFcpATQBCiPB1YL85dvXFzRAe7W2BqdUJ2sTttW-RsNjiR_Y-InVvsOKIUmQ-pfYKfD_Ptc-5qrlHcNodQvSOTsw71jLvuFxCA-1yUpeK1B46o7gj6L1VNr4IXVvIeAYbNn02gC_cQpuZd-WW5ZmvR1eAVXWP1Pj8sQYZ4sijt2_VrmaoapWE0ZL72VY7PkaCGIwWBzRR3eq_ALQIO1B0B2ka4UwGKuKJtheU76ZppRaToXzUThbp&sai=AMfl-YTHmnln5jKWg0o5soThpkM4IG9RSEOmnyk1IBrIe5XKLUVMPDiVoZNJmnDdJYIR6C9lMTUR5k9UHZ_C6MG-BsDp-sRVhWyBsxT-dm_1j3762GYcwzN6AKMIHq96RmtAqYgiXmzrZ5V8Tt_mDg8k1A8MhNH-R4z8r1Vs8b5XEodiHmIvdMC9Lph2L741GqbyQ9Oa51Mmd7Gp_bvwKEcQDOqxE95gbM7UXzTJZ8o_xsItRzrrysA8VE6dp68CllnxNJSWmzeqPDHAR_5ob52lWPs5GtSgbXlsTUsT&sig=Cg0ArKJSzBzTPAq8-mJyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=248&cbvp=1&cstd=240&cisv=r20230206.70565&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:51 GMT
firstevent
samsung-germany.demdex.net/ Frame 690A
Redirect Chain
  • https://samsung-germany.demdex.net/event?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847
  • https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847
42 B
966 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
34.255.210.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-210-6.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v046-0c554dbd5.edge-irl1.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JCB/VlvCR8Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v046-0d7e6a16f.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
RdBSnsjbRyU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://samsung-germany.demdex.net/firstevent?d_event=imp&d_src=38080&d_site=5313500&d_creative=186124503&d_adgroup=23233&d_placement=358296035&d_campaign=29309792&d_cb=3641295847
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
tman.cgi
pfa.levexis.com/samsungde/ Frame 690A 		42 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pfa.levexis.com/samsungde/tman.cgi?tmad=i&tmcampid=8&tmplaceref=358296035&tmclickref=186124503&tmtag=image&rand=3641295847
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-aes-version
1.0
server
nginx
content-type
image/gif
p3p
CP="ALL DSP DEVa TAIa OUR IND UNI"
cache-control
no-cache, no-store, must-revalidate
x-ens-event-id
8b7cf3c7-a055-4082-a741-bd5dd2196be4
x-offsite-uuid
e3d6f725-4813-4310-bfb8-80aa0315513d
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT
csi
csi.gstatic.com/ Frame 2064 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ldvp5urx&c=624899800626&slotId=312449900313&qqid=CKP4mteBhv0CFYnQdwodhaoMFA&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 2064 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 05:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
545690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 05:44:01 GMT
file.mp4
r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2064
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
  • https://r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/845054817CC9DA2E7A31548D1B16BB2472950510.763BCB19012056B76EDDC340EE16D45A130AAC60/key/cms1/cms_redirect/yes/mh/Ke/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
HTTP/1.1
Server
2a00:1450:400e:2::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1347477
Last-Modified
Thu, 19 Jan 2023 02:09:27 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 08 Feb 2023 13:18:51 GMT

Redirect headers

date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
location
https://r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/845054817CC9DA2E7A31548D1B16BB2472950510.763BCB19012056B76EDDC340EE16D45A130AAC60/key/cms1/cms_redirect/yes/mh/Ke/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
expires
Fri, 01 Jan 1990 00:00:00 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame D693 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 05E7 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=fe4a0cc68e374846a4e5b07242be0391&vfdur=249&cbust=1675862331610444
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
02/07/2023 13:18:51
dcmads.js
www.googletagservices.com/dcm/ Frame 05E7 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
289
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10632
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 13:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 08 Feb 2023 14:14:02 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 99D8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 0956
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0956
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECer09t9kauM0uvDZRJSmZQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0956
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGI_ybMzB6olkOSc5DdBU2w&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGI_ybMzB6olkOSc5DdBU2w&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:51 GMT
AN-X-Request-Uuid
6b719ba7-aa01-4386-b5f8-2f9dd8acc24f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGI_ybMzB6olkOSc5DdBU2w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0956
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWSmsAvW-UMgoxy6p90hv1YQWBYXt40AmSaGpOOLZwV4I3VWxtigZdPuVlXPzQqWvjoqfo4pSrZ9oBa2F5n1O4cv5mlon9kOH3RFhNxVOFlkXvvOoJD_fy8Xv0Mk7nERMclrXqZugJx3UcVSdYCHCKeIx2Tlm-Akm5s0aFLPveyHMrEVMI
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
802b5123-1642-4170-829e-356984e83dfa
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E6C8 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 85F9 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bhym_fWF5Bd0qn67Gfh4x31ufywHM784doWkF_yVLI5MbAGgrU77sVT4w-Gk9iQEDxgOlghz2iMJlRzzRDhJuS0R1VNLu5LTOIDvqRo-EsTPLOlUw
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2630820520763287900&x=1&ct=76
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 85F9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 85F9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
l
www.google.com/ads/measurement/ Frame 85F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJCdYpRhj7UaaOWadLGLIXYWlgX8dne-T76ykqlFfybJ2gpPgPvs0nFYXQ5GoBvi_PifM02CrV7XjRisj3DZUg0uOqVg
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85F9 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:51 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame CD99 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 09:35:36 GMT
1.jpg
s0.2mdn.net/sadbundle/992376486397695907/1674512274070/ Frame CD99 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
462b3b3f944b7eee7761151ce4897674ff34f08e05a47e787fde16b52701ec96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/992376486397695907/1674512274070/index.html?e=69&leftOffset=0&topOffset=0&c=ZRO1l0nWYo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:57:29 GMT
x-content-type-options
nosniff
age
33682
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1511
x-xss-protection
0
last-modified
Mon, 23 Jan 2023 22:18:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 03:57:29 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame C42E 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30957
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:42:54 GMT
expires
Thu, 08 Feb 2024 04:42:54 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impl_v94.js
www.googletagservices.com/dcm/ Frame 05E7 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v94.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23493
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 19:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 10:34:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6618301976537&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6618301976537&version=m202301230201&ct=76&x=1&cor=3275671535494826500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 943C 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZeOp75itHrVU3jxXtC6NqTFOMu90AtY9wnj7x8UUe1FjA9Oqy6ca8HX_4x7sWOGY3EVzdyHtIo8UOrLtuw96AgyLNFQ&cry=1&dbm_d=AKAmf-BRT0jvEkQRIrwZwDxrEzKWKO95117sVOZ9ljghzRZQbWOxLtPAYZuPyFj5LTeqtjzXjihmY0LkDIrDsxghJ6ME1MNqiLE4lkP-GOT6WKYucMkGZAVcT_1f8ei_OjzQUnXJRE--A2mop7x6TkbXLfAzKVuUfGYIPLEFBq7CNjCHmo8BJkd8PBavOqtNcwrktHmJUHDkKHgzBTfe7A0F3RnzrwJYb55GvRB0_RbbYF_1VKw-quYA1Yj6kiHVf54iNmORKYKFFdfQyFPLyiPbV7u_Xi0VnYTAlaBpHJCGpV_O6QdD_a6Le_AsH-6GvePHJWeDZZd4DoCYaiS-PoFHFU2nv7EbpXCeSU5SGFOq754tiXyjx1D3badd1OlsSf4ZZedxm91KG2wxEwYcMc3V0bZET49qQqrhnS9T9dddt9CSBwmkIkEKPviNdnd0JPiug8Yf-wyfpLlNki7WZvj-FAm8F7JBZ94IjgddEyFGHKfmJ-zXnz-DNOhdausdbp75n_nqgtsieQMH5J7SDzhaBM0fm90UMEnLE3GJ3R7yycXcMZx5ML6q7r9Wct3k99diZ0TW9jnzTxgQw_KngCye2K6zVb9LsGp6dbFjHf9s1rIXTT2YzSu9cL_IQ_Wj4SBFHF2U2yggc9sNGE_tM-PQBA_K_mv7D0vWDdwcvykAbvtv74HJWdL0g11UxWn93XxTGCFjqOo98xVnFaXC2XnCzbf8Ga0G5hjki8E8UtShxTdpdntIYJ7YAF9Uj4AwgWDFAHZjzYGWLHxG2GYbzEWa0CwB6q8eZ1b6EZ60jIYUSn6oAJ5CTOdyQQgy_EQnfStR90yQtHx0GACNt_hlUfkYjhrUEbnYIsF7Nyfiyy0hzYadLHXC8whupT54O2rQvbNCwsISoT_afv4qcHClYWjxweiXw0ev4vBe-oPlO3fms82S2eIZSzMZlpSIiBM5N3Ua-octvkAq7tnnBuqOBRc8g3jrf1Mv1hQqnQhuGGkN7KCWkoc4HBnHDbHFgfvHtLFvFRS1hr2-3FMR6Kv2tYwRY8OCkutV7N8E_18eSDi3yALJk1_yVhcr1OzZRmS9I2IQ-YckTNJz74GF6-S91AhilJai7PiDqZNE9kJwyRufstdJJ0rVQdTF9kn6gdNBZpz4P53xW-YnWpJW1S0NtbsPZTWF-on9NJ1_FZmU0RE54vO7FI1-1-MtN8OUzIRk0rxdQzkiGTkA3OGD-OwW68QQCjM29_Aisjcv63q3blzwt6BnbDNYGRf_IIx7W_epUFr9sfwNRYIOZRWUhb9EsullN8LJHxJvONFTCWRTEBqMCqoZVEd5naATl3zpyJPMAjZZ4Z6_SVvZB99-jkIDLh6tvuAWPAIQ_rQa9SZysD61WVRn5N_rEXQ-su8GGMtybN2LEQHPmOaZJGFZBne3itq10vAb5gOTJzQbvKnr1y-wiYDZt1Zecgmomyg5r8GC5xxH6JyecUQKLqRUVcDZmd3YwzAtrYUJucz6uwrB1XNTjAMuZuHp5pVeuaR3dVnfAKrS1MkS-U_GfEC7mZLleAs27iTQSIzNWAQRNBGrW6c7fdOfWkfKgfZCh7kfmFCnPV8gdrsnc-udlcnkl5Zc1jItE45XTCv9UKhoxibtgzHwu44WUiaQQaTSRyzDmecevqMcUYL0WaC8IwhZT-e9XgJi-BBSbDA2TSz2vBey5oyVS2hOd3qdQFNXD0uVTJMccpCTjq3g6HsjrUj-cM_3C92RSja2FWaZU595y_l9LLtWYsHrzBVYlRi6N5daEn77pCO_rpratYPhg1FmyyGAKWH_R0-cYMuB13UaE0A5x2YBCpThsjFboGClqTVYDKDQWp0AgREZQ9emzwtFmLNk4xFXMVTMzjpYl500i4NPZ7ye6mAZGtT3U0xIPaZXoZzqj2xZzY2O98tJvNL3-CRaSzueZ4PObDVzCaz8MwROhoJLphJoLtkxRqGlbUs2qtBRin_7vNDhDPhEQ_8xhlHVhFmin3dFW3aKTcryex-mTjHrbCyY5pk9F87aQpzMeozWQOLG-MmRF0IlQ7oDe0MlGs8jWHyDhEUgu2MBEZDDiC1t2D4yyREBLokImX8nzRBLtniJFvsSUla27N9V3d2420XfbWLAuBERjPHNM3au3Qd-1wIjOlAaCXYR58Q_jFmwqHR6ZTxXzeSnYtKfFfdZtpePRveCpF-uNUJ6Zu4HB0yTYeOLv2Y1QlKV_USsLDD_xbOxn6s6b2D0lmQp5VWSaBlbX5EV_6iG6Vy3rZP1UQETsULNHcGzjkipJCDWM31KRl5GpqcXYzD5sGeVtDpB44rS15c20lepQ4A-EiTKr4K3IeDhqXq4vNchHyLLKmLvBQghni4B-v0Fqu6Obl4iCGxWedO8kD5VufBeQgEsDX0bWFYyANE-jGtHfQwQMqA4SiXfRJ4l9uXFJ6pN688PbM1tDT_byzBIIAYyMX_5ac-t2LIivPGU7VKuocXf8dbk-sN-bFX53N3hHY1rkg0YWEPqav9tPwnX7TtZLQf1f59OqUcmNps0jFD1kr3pinWm6SzANHvq7hqDav_LgPbd1FqP_grZmBkFfz0J1TIQsh6VRhVt0rqr6IRe7qOhTtyYBFmXy-bAM1xOr5_peCHTJQdOBbM0V8TCzmRmFHm6sknVZIFNxJeK7alYoBssIlWv7u52jwZbP2AOl7aD8vvIVUYb08pTIgf83h2QYvK79iSU6H_6CA6LP5vQdFpqCR3pZ7YElHon1b8vKGxtN6XBKLK2Aw1ufyCl2SurAFAVPHXWJvORtJIcfpGYCSGvkevG0QXbaLcDLYqE9-HIg8s7ws4YKfCLDuI2O8vFuZCROI54WD503QeoCyQOScHFB2tafki33YXMNWNZDPZIHNw2eb-2ArAkCx-HmP8dcP2CtuTzOaRw7UqfYMedzRdehupODA9uGwenfvLjuicBGGlW5CN3MGTtEb5vgeyZG3wbvACvan1MRKks2VK8AgzzS0I87PzdgmXIWseQxBSyUAwPVLC-bnC1kpmH5NYPRgrrREO17xeWrQbUcKMejGSUVWNjO6DI5-L0OxEzPY8X5h9HofjHNVGp6tfUpu5BtyUSkNVM45ChshaNLO7nIwSp5F4XYk7z3nyZ8a1oTuMCAlOeqFMTNumEeBT-E0Spv2h3vHDMhvpCn-qeD7WV8bfEygMh-0PerlR6wlsAsJNnl5-3JkyUrTQW_tqs4o-FcTUEDBxvCHm76kBatLqQ8hhJAg_02UqWPWUtEQECplptmYn4o3r9RdkUTv2mMM_EpgabkGU7ztA5RhXM1Lmy9-nEEJMY2MvZr3zcq29EuApw_2Yd3-_PZyYiMNx47aYF69Nzc80M48PaZHNabG7Ni0EeCbPglhsN06VPQMlj4ji1aJ0IwmyyQkBUb4nx8i-E64Ab8Wlmvttk_yBV7jNHujwl7aojaK-ds0vGBEBUAnkXQWFaOmIf-iMXa9-5E5FPQE6jCE325eUvilqLqdinJKEMJ7jYraY__TbdR8Gv&cid=CAQSSwDUE5ym3hz-wbhNVUjg1GYQB6YElTCLr1JXq2mEM6HlGk40cKDFWuw7J3tSl9joedLUGjP3ImwGvBnn7JsiGX95W0TPdtAC0HyARBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3275671535494826500&adk=1033480531&idt=145&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
489a45ee74f1b8cba3b5f652a17bb4c9259556f950d1b42b1da357f613182161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36076
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E6C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame E6C8 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame E6C8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Protocol
H2
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:52 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame E6C8 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHn4wEQ4JWpAhiHgu68ATAB&v=APEucNUgZMU6upV3VPte2BhORitrDhWV54wj5g9FYQ2bUAu5CwMZ2moKS9gJy3xnjcsjr33l7j2QYWxr2X1J3U_bAG98ZH63RAeeD_oVyaJSp64NFyXgxWnEkqNOz1fcirXMrhoYRQW3CdqGXeXPxRVyW6k_fgFzq-qSxtQf1mWioL8WBwfmyCE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:51 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8AF6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 99D8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5725975146151&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F9 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5725975146151&version=m202301230201&ct=76&x=1&cor=2630820520763288000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 85F9 		83 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd-MDGc9tCN7mnNf4n3M28Gy9wmBbklAZUe0OPpuMjrKbYgNAp-unm9LIayEG1q8749K932Qirx8plNkwkpWJGJMr046kf7DX65n-w4SF2bYE00xs&cry=1&dbm_d=AKAmf-C1VGF61webN3QVv_0yMEzTcX3EkBb0A0sxiAP-IefPyriDuX6cKMcvhQ9SBeefM938cVcu9bqBqEZlYX3aRJnpwXsMw6EI0-BAi28dKpTSt8Pm_7jOya9uT3gl72Dcvk5lVmcv_pROqQRvIXAb8_QqoSQiaMDmIkDst-GV_1RTSaR68vssvpk-Zo_5Owlw-W7dPWDxIikgWsZr6SylDIUXtS0CMyYySKrd-oJvqez9UgYOf1rmvURCSpEciaxccUrHVKyWj81zBbZm_ShfzKxT7rvHHxirAoi2pCkSfX2bTz_rRP3Esv4vDpNjzOX5GEQRr6zGvmedJVxTSZuZfJp4qJ6h3XkMBhrNMcnGzPAQF144qhnOC7qCKZg6kX9frgjxmOSFHNcD9FHsgaPlUzOJetHTedVJ_SJCEHo_3n6LNBCiVsbY4i5pW3JaLhCl4aIvmbGmowrhIzZWX8zly5hw-6pbbMuv3JyFnRICp30ULHF5FHDWdVDVKKLSYyXWWCD9g4n_FCrqCuymCo1xITpGNXL4JIKpJzBhJLHYiyigSA-MJ0u7kn18Jfn7DLOzUh-rdpd7l-CQmGkNLhT618OLUiySCpmYEA_9oJy2DwZzb9d9C4aYyKs9UxiPnJXvSHPdmrqbbP_rWN0Wj0OBtC6yS_TUTipDde3iZXevs2kNRK2B25xvPFKFf6zHKjrfz4bI9TDfoXVmJxCd7b5nlwd1jM3PrUvAXbos1bEtaIwkFe8LjUrN1749eOjPyAaWDQfGvKrMqx-tVYOTyXRIf-iWVhdNvgkPnk7WS4cotuVOt87u0VLHzHDzq4n7gRb5fxtHOWTZ3JRT7dJiMl6tMD9pmTOiyyA6FUoBXByiSo6cOjQ0NKzylOjhgo6XxHU7cKi9KbccLyehQ3wfO_DZ4qqW8kdWI_2Y0LbpgMIdYU9orw4lSsSuajbvwMmQYNZK-a-P_LzquOOfFKJs4Od4FVzSWUKSZG6jHLvaJOs03VkOc_wwbnlcJzNUFyjq-DYUaywTs612R56coTi2xAlZSnJxn-MP_jf3OwoivTwiFEeMgNImv0CdRO6nbhCILn89ppwPW7u-ebLdvb6yDRZR65k0ul9XtXHOc0XF8hCtoKjmsP0anwTJ20EEqMIHXrzTHR6p-7brjaavDkjd99RKPXV-_2AEgTcYtWUJuT2YM9WYVvx9yY41zfzhuoh8S2B4O2WDhBMD9lr6V6cGis5PHV7Q2_C7aeudisLq--u1wKNm41KfZWgDrsbb6ot_K412cjQq2JRJiNSRWMhf5kyQyoJnge4Z0ZrRDAiFnE_zpQmOpYeMUnAAHaWbqQTqcH3yTGVgkJMSVCgyYG7c-JccDniCSyIu1JGSmzoJIDR5s8SEy5ForOS8s2vNDcjNLmbzmHEdytaqwLiZNko_ZhFk8TwqoGvakcsa3RfluFeZin1qQnHTqs7B-UAYqfGE7J804aQF_7ksOEVzfOIePxwuzi5WmNaYL3nsJYLnZ45Ugh8hsiWLcWe2aUpuU_Ft-4UKHRkmWfhKwL1TkmQaUtMi6lgvculCzoNRFjoxCz4wwJmgff0mp82vHc0dDm4qfRzrkIHF3UQM_E1K8GUFqnxq348WkeXmjQ7dIwi3phNYfa4Amg0pNRicyzGxjbQ0rz8zpfkykZxpUpJFdrtkBhk6CKqOZbk_N5ST2DMPB35slTrcNLJh7Z6l2mEvQAdV5EJCAmHmGL1I9Ly36-hp7Q8EiXYj8RF1V7awqz5opD4T7CWqaXy13_G0EvOIcmtOEBuDxpKnMhKq04ixWepBPQITR-q4NDrumRRLo7cpjIhKFTqi3DHySuK7lhchqbxqrvCn52C36Chc5EOtGe-qm6_apJWhfbg0tZLYQesYNgVc0hhl8LhVIs_PFkiy3vfS0PqAP75qCfOkNx4YbubgEpHeyZUZSizOCbMeJzvR32B1I_PZQoSOGRfQ-e3V3re8pf784lQXEzTHWltfEvDE85nvwZ0BWb-How-3pOv-BjwuVyjMf0v0F_m4YN3PObEMjpvx1QjUOrc3rd9azjoeWalEjYI2Sl21EDskGSIMvjfL5mELv6y1HbIZy_Py88E0aZQJbUeeJJsIRR7jMZYv9MOhPGWER26UfaAaukaQ_6BN7X84gpjh4o2SQYqGC_cDDyL0TAKt880Aoh7-m_xnOr8G4Vc6dIuQI699n7YoSOusL1jsEtm3sS00iSrfUbNTkyCJ_gXNfEhp3TRqmgb4E2yrzqUoocG04ByZ00nGR-lRId8Urd0XG6J7ZJTF_sozDRF3MaE_EBW7umDZHGSiSMNYhhSdFQZmEWYt33-TQUcmGVwo5pahIKc-0dpS8isZnPDY0t3IF15IJyYzNvDA0JEKvLy34H2ZappmeKqvvD0Es_UUZe-WwdFCNzc_VUH3ot2Sw7Fcg092jcJVTqre4OXJ9qMWQzoksABPoq46ISpbMwgH3uD_wY6dtJDZd1zKmOqS36sS7AKeA2yCw89_J3x3GtPega8dejx-WqUCGZVd6zfDH-3iiEJp6TKyYRnOx8V6K5_6WWfzMpufTIzkNY5i11DVTIIRVB1pgGPy0ZoPhfAMNnkSTcwbsriZUpyJNVqJ3tvBaHgut-1dAZqvna5mGCtERe_4svRZKnTMXewD9tIhCW_gT0Tue3P8z7lB97OclyUIYoocouGuZpebbQwdxEPyLiIorNe4OVBE3e8aOq7AkuX_ThmxtdoMu-pQ_JZYDibCPILd4u07dVXV-K1ZvpLe7MkymAKH0Bf_EyXclml1gpXPmcVdhZWZ0NUfuMwdKDxxkKyZiyqdRgC-d5iWMOJJEG6rUEKjO7IzI_mIt8-zemakOCCx_gI24CxKzjPLlKgEpPkWMnfnWAlBmirmjWtD8PvYwjg9FzBjOeeEVUMRq8c2f5NQZurv5aPyms6xBD8gepGGhnf7YMHFKPXLXx1kSGjR36i0c1M8j4E3inKaS-7WsGxPcgcx_YraAVI6fmGhW5FCmVHICznK3WzFcTUCO9tl9nZKYC74q2m8_KhQdExt_GFhREBwKdLOvJtO6zfpRV5N93RP0Xv_T-OEIkM1CS-G7CRViZ00GLFy0YJHiJk7YUdy4caf2-y0KsY02NJg3ebNiYPcblBMvGGY7ZwxkN94CRSr403TyN3WQB3lrZU-5POtfh0jX9_p0AoRYbQndzf5dsD_CSGHO5fruCXDgvwo8sG6vFXxYWNr0nIZNRQXWUPIUYVbHSxP_1kRMZma45Vvp36svB4udLWb0OBSPbeZi1_jo_yJljs0Bo67z76snoP4-LlD-hgSmIjqXMv92TG2-oTtqh5rTAikPH00GVYyzOvYIYfQX0FgotYbi6GsTpY&cid=CAQSOwDUE5ym3KUMEzJJj9zZQ45M9zG1LXJf0JYyCFThMXfijs061t_tGQ_4bnGYGmrMO8YK3m5b09dnuLVvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=2630820520763288000&adk=4188270525&idt=101&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbe4058523f610906d85674167371ba0faac6764766b2e06fbf245dc663d7648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35494
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;cr...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 05E7 		55 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=145;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
092df5c734e99dad749258ffcb6175fb56291350c9efd6e565121736378d6a00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 943C 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 21:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 21:48:44 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 943C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZeOp75itHrVU3jxXtC6NqTFOMu90AtY9wnj7x8UUe1FjA9Oqy6ca8HX_4x7sWOGY3EVzdyHtIo8UOrLtuw96AgyLNFQ&cry=1&dbm_d=AKAmf-BRT0jvEkQRIrwZwDxrEzKWKO95117sVOZ9ljghzRZQbWOxLtPAYZuPyFj5LTeqtjzXjihmY0LkDIrDsxghJ6ME1MNqiLE4lkP-GOT6WKYucMkGZAVcT_1f8ei_OjzQUnXJRE--A2mop7x6TkbXLfAzKVuUfGYIPLEFBq7CNjCHmo8BJkd8PBavOqtNcwrktHmJUHDkKHgzBTfe7A0F3RnzrwJYb55GvRB0_RbbYF_1VKw-quYA1Yj6kiHVf54iNmORKYKFFdfQyFPLyiPbV7u_Xi0VnYTAlaBpHJCGpV_O6QdD_a6Le_AsH-6GvePHJWeDZZd4DoCYaiS-PoFHFU2nv7EbpXCeSU5SGFOq754tiXyjx1D3badd1OlsSf4ZZedxm91KG2wxEwYcMc3V0bZET49qQqrhnS9T9dddt9CSBwmkIkEKPviNdnd0JPiug8Yf-wyfpLlNki7WZvj-FAm8F7JBZ94IjgddEyFGHKfmJ-zXnz-DNOhdausdbp75n_nqgtsieQMH5J7SDzhaBM0fm90UMEnLE3GJ3R7yycXcMZx5ML6q7r9Wct3k99diZ0TW9jnzTxgQw_KngCye2K6zVb9LsGp6dbFjHf9s1rIXTT2YzSu9cL_IQ_Wj4SBFHF2U2yggc9sNGE_tM-PQBA_K_mv7D0vWDdwcvykAbvtv74HJWdL0g11UxWn93XxTGCFjqOo98xVnFaXC2XnCzbf8Ga0G5hjki8E8UtShxTdpdntIYJ7YAF9Uj4AwgWDFAHZjzYGWLHxG2GYbzEWa0CwB6q8eZ1b6EZ60jIYUSn6oAJ5CTOdyQQgy_EQnfStR90yQtHx0GACNt_hlUfkYjhrUEbnYIsF7Nyfiyy0hzYadLHXC8whupT54O2rQvbNCwsISoT_afv4qcHClYWjxweiXw0ev4vBe-oPlO3fms82S2eIZSzMZlpSIiBM5N3Ua-octvkAq7tnnBuqOBRc8g3jrf1Mv1hQqnQhuGGkN7KCWkoc4HBnHDbHFgfvHtLFvFRS1hr2-3FMR6Kv2tYwRY8OCkutV7N8E_18eSDi3yALJk1_yVhcr1OzZRmS9I2IQ-YckTNJz74GF6-S91AhilJai7PiDqZNE9kJwyRufstdJJ0rVQdTF9kn6gdNBZpz4P53xW-YnWpJW1S0NtbsPZTWF-on9NJ1_FZmU0RE54vO7FI1-1-MtN8OUzIRk0rxdQzkiGTkA3OGD-OwW68QQCjM29_Aisjcv63q3blzwt6BnbDNYGRf_IIx7W_epUFr9sfwNRYIOZRWUhb9EsullN8LJHxJvONFTCWRTEBqMCqoZVEd5naATl3zpyJPMAjZZ4Z6_SVvZB99-jkIDLh6tvuAWPAIQ_rQa9SZysD61WVRn5N_rEXQ-su8GGMtybN2LEQHPmOaZJGFZBne3itq10vAb5gOTJzQbvKnr1y-wiYDZt1Zecgmomyg5r8GC5xxH6JyecUQKLqRUVcDZmd3YwzAtrYUJucz6uwrB1XNTjAMuZuHp5pVeuaR3dVnfAKrS1MkS-U_GfEC7mZLleAs27iTQSIzNWAQRNBGrW6c7fdOfWkfKgfZCh7kfmFCnPV8gdrsnc-udlcnkl5Zc1jItE45XTCv9UKhoxibtgzHwu44WUiaQQaTSRyzDmecevqMcUYL0WaC8IwhZT-e9XgJi-BBSbDA2TSz2vBey5oyVS2hOd3qdQFNXD0uVTJMccpCTjq3g6HsjrUj-cM_3C92RSja2FWaZU595y_l9LLtWYsHrzBVYlRi6N5daEn77pCO_rpratYPhg1FmyyGAKWH_R0-cYMuB13UaE0A5x2YBCpThsjFboGClqTVYDKDQWp0AgREZQ9emzwtFmLNk4xFXMVTMzjpYl500i4NPZ7ye6mAZGtT3U0xIPaZXoZzqj2xZzY2O98tJvNL3-CRaSzueZ4PObDVzCaz8MwROhoJLphJoLtkxRqGlbUs2qtBRin_7vNDhDPhEQ_8xhlHVhFmin3dFW3aKTcryex-mTjHrbCyY5pk9F87aQpzMeozWQOLG-MmRF0IlQ7oDe0MlGs8jWHyDhEUgu2MBEZDDiC1t2D4yyREBLokImX8nzRBLtniJFvsSUla27N9V3d2420XfbWLAuBERjPHNM3au3Qd-1wIjOlAaCXYR58Q_jFmwqHR6ZTxXzeSnYtKfFfdZtpePRveCpF-uNUJ6Zu4HB0yTYeOLv2Y1QlKV_USsLDD_xbOxn6s6b2D0lmQp5VWSaBlbX5EV_6iG6Vy3rZP1UQETsULNHcGzjkipJCDWM31KRl5GpqcXYzD5sGeVtDpB44rS15c20lepQ4A-EiTKr4K3IeDhqXq4vNchHyLLKmLvBQghni4B-v0Fqu6Obl4iCGxWedO8kD5VufBeQgEsDX0bWFYyANE-jGtHfQwQMqA4SiXfRJ4l9uXFJ6pN688PbM1tDT_byzBIIAYyMX_5ac-t2LIivPGU7VKuocXf8dbk-sN-bFX53N3hHY1rkg0YWEPqav9tPwnX7TtZLQf1f59OqUcmNps0jFD1kr3pinWm6SzANHvq7hqDav_LgPbd1FqP_grZmBkFfz0J1TIQsh6VRhVt0rqr6IRe7qOhTtyYBFmXy-bAM1xOr5_peCHTJQdOBbM0V8TCzmRmFHm6sknVZIFNxJeK7alYoBssIlWv7u52jwZbP2AOl7aD8vvIVUYb08pTIgf83h2QYvK79iSU6H_6CA6LP5vQdFpqCR3pZ7YElHon1b8vKGxtN6XBKLK2Aw1ufyCl2SurAFAVPHXWJvORtJIcfpGYCSGvkevG0QXbaLcDLYqE9-HIg8s7ws4YKfCLDuI2O8vFuZCROI54WD503QeoCyQOScHFB2tafki33YXMNWNZDPZIHNw2eb-2ArAkCx-HmP8dcP2CtuTzOaRw7UqfYMedzRdehupODA9uGwenfvLjuicBGGlW5CN3MGTtEb5vgeyZG3wbvACvan1MRKks2VK8AgzzS0I87PzdgmXIWseQxBSyUAwPVLC-bnC1kpmH5NYPRgrrREO17xeWrQbUcKMejGSUVWNjO6DI5-L0OxEzPY8X5h9HofjHNVGp6tfUpu5BtyUSkNVM45ChshaNLO7nIwSp5F4XYk7z3nyZ8a1oTuMCAlOeqFMTNumEeBT-E0Spv2h3vHDMhvpCn-qeD7WV8bfEygMh-0PerlR6wlsAsJNnl5-3JkyUrTQW_tqs4o-FcTUEDBxvCHm76kBatLqQ8hhJAg_02UqWPWUtEQECplptmYn4o3r9RdkUTv2mMM_EpgabkGU7ztA5RhXM1Lmy9-nEEJMY2MvZr3zcq29EuApw_2Yd3-_PZyYiMNx47aYF69Nzc80M48PaZHNabG7Ni0EeCbPglhsN06VPQMlj4ji1aJ0IwmyyQkBUb4nx8i-E64Ab8Wlmvttk_yBV7jNHujwl7aojaK-ds0vGBEBUAnkXQWFaOmIf-iMXa9-5E5FPQE6jCE325eUvilqLqdinJKEMJ7jYraY__TbdR8Gv&cid=CAQSSwDUE5ym3hz-wbhNVUjg1GYQB6YElTCLr1JXq2mEM6HlGk40cKDFWuw7J3tSl9joedLUGjP3ImwGvBnn7JsiGX95W0TPdtAC0HyARBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3275671535494826500&adk=1033480531&idt=145&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 943C 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZeOp75itHrVU3jxXtC6NqTFOMu90AtY9wnj7x8UUe1FjA9Oqy6ca8HX_4x7sWOGY3EVzdyHtIo8UOrLtuw96AgyLNFQ&cry=1&dbm_d=AKAmf-BRT0jvEkQRIrwZwDxrEzKWKO95117sVOZ9ljghzRZQbWOxLtPAYZuPyFj5LTeqtjzXjihmY0LkDIrDsxghJ6ME1MNqiLE4lkP-GOT6WKYucMkGZAVcT_1f8ei_OjzQUnXJRE--A2mop7x6TkbXLfAzKVuUfGYIPLEFBq7CNjCHmo8BJkd8PBavOqtNcwrktHmJUHDkKHgzBTfe7A0F3RnzrwJYb55GvRB0_RbbYF_1VKw-quYA1Yj6kiHVf54iNmORKYKFFdfQyFPLyiPbV7u_Xi0VnYTAlaBpHJCGpV_O6QdD_a6Le_AsH-6GvePHJWeDZZd4DoCYaiS-PoFHFU2nv7EbpXCeSU5SGFOq754tiXyjx1D3badd1OlsSf4ZZedxm91KG2wxEwYcMc3V0bZET49qQqrhnS9T9dddt9CSBwmkIkEKPviNdnd0JPiug8Yf-wyfpLlNki7WZvj-FAm8F7JBZ94IjgddEyFGHKfmJ-zXnz-DNOhdausdbp75n_nqgtsieQMH5J7SDzhaBM0fm90UMEnLE3GJ3R7yycXcMZx5ML6q7r9Wct3k99diZ0TW9jnzTxgQw_KngCye2K6zVb9LsGp6dbFjHf9s1rIXTT2YzSu9cL_IQ_Wj4SBFHF2U2yggc9sNGE_tM-PQBA_K_mv7D0vWDdwcvykAbvtv74HJWdL0g11UxWn93XxTGCFjqOo98xVnFaXC2XnCzbf8Ga0G5hjki8E8UtShxTdpdntIYJ7YAF9Uj4AwgWDFAHZjzYGWLHxG2GYbzEWa0CwB6q8eZ1b6EZ60jIYUSn6oAJ5CTOdyQQgy_EQnfStR90yQtHx0GACNt_hlUfkYjhrUEbnYIsF7Nyfiyy0hzYadLHXC8whupT54O2rQvbNCwsISoT_afv4qcHClYWjxweiXw0ev4vBe-oPlO3fms82S2eIZSzMZlpSIiBM5N3Ua-octvkAq7tnnBuqOBRc8g3jrf1Mv1hQqnQhuGGkN7KCWkoc4HBnHDbHFgfvHtLFvFRS1hr2-3FMR6Kv2tYwRY8OCkutV7N8E_18eSDi3yALJk1_yVhcr1OzZRmS9I2IQ-YckTNJz74GF6-S91AhilJai7PiDqZNE9kJwyRufstdJJ0rVQdTF9kn6gdNBZpz4P53xW-YnWpJW1S0NtbsPZTWF-on9NJ1_FZmU0RE54vO7FI1-1-MtN8OUzIRk0rxdQzkiGTkA3OGD-OwW68QQCjM29_Aisjcv63q3blzwt6BnbDNYGRf_IIx7W_epUFr9sfwNRYIOZRWUhb9EsullN8LJHxJvONFTCWRTEBqMCqoZVEd5naATl3zpyJPMAjZZ4Z6_SVvZB99-jkIDLh6tvuAWPAIQ_rQa9SZysD61WVRn5N_rEXQ-su8GGMtybN2LEQHPmOaZJGFZBne3itq10vAb5gOTJzQbvKnr1y-wiYDZt1Zecgmomyg5r8GC5xxH6JyecUQKLqRUVcDZmd3YwzAtrYUJucz6uwrB1XNTjAMuZuHp5pVeuaR3dVnfAKrS1MkS-U_GfEC7mZLleAs27iTQSIzNWAQRNBGrW6c7fdOfWkfKgfZCh7kfmFCnPV8gdrsnc-udlcnkl5Zc1jItE45XTCv9UKhoxibtgzHwu44WUiaQQaTSRyzDmecevqMcUYL0WaC8IwhZT-e9XgJi-BBSbDA2TSz2vBey5oyVS2hOd3qdQFNXD0uVTJMccpCTjq3g6HsjrUj-cM_3C92RSja2FWaZU595y_l9LLtWYsHrzBVYlRi6N5daEn77pCO_rpratYPhg1FmyyGAKWH_R0-cYMuB13UaE0A5x2YBCpThsjFboGClqTVYDKDQWp0AgREZQ9emzwtFmLNk4xFXMVTMzjpYl500i4NPZ7ye6mAZGtT3U0xIPaZXoZzqj2xZzY2O98tJvNL3-CRaSzueZ4PObDVzCaz8MwROhoJLphJoLtkxRqGlbUs2qtBRin_7vNDhDPhEQ_8xhlHVhFmin3dFW3aKTcryex-mTjHrbCyY5pk9F87aQpzMeozWQOLG-MmRF0IlQ7oDe0MlGs8jWHyDhEUgu2MBEZDDiC1t2D4yyREBLokImX8nzRBLtniJFvsSUla27N9V3d2420XfbWLAuBERjPHNM3au3Qd-1wIjOlAaCXYR58Q_jFmwqHR6ZTxXzeSnYtKfFfdZtpePRveCpF-uNUJ6Zu4HB0yTYeOLv2Y1QlKV_USsLDD_xbOxn6s6b2D0lmQp5VWSaBlbX5EV_6iG6Vy3rZP1UQETsULNHcGzjkipJCDWM31KRl5GpqcXYzD5sGeVtDpB44rS15c20lepQ4A-EiTKr4K3IeDhqXq4vNchHyLLKmLvBQghni4B-v0Fqu6Obl4iCGxWedO8kD5VufBeQgEsDX0bWFYyANE-jGtHfQwQMqA4SiXfRJ4l9uXFJ6pN688PbM1tDT_byzBIIAYyMX_5ac-t2LIivPGU7VKuocXf8dbk-sN-bFX53N3hHY1rkg0YWEPqav9tPwnX7TtZLQf1f59OqUcmNps0jFD1kr3pinWm6SzANHvq7hqDav_LgPbd1FqP_grZmBkFfz0J1TIQsh6VRhVt0rqr6IRe7qOhTtyYBFmXy-bAM1xOr5_peCHTJQdOBbM0V8TCzmRmFHm6sknVZIFNxJeK7alYoBssIlWv7u52jwZbP2AOl7aD8vvIVUYb08pTIgf83h2QYvK79iSU6H_6CA6LP5vQdFpqCR3pZ7YElHon1b8vKGxtN6XBKLK2Aw1ufyCl2SurAFAVPHXWJvORtJIcfpGYCSGvkevG0QXbaLcDLYqE9-HIg8s7ws4YKfCLDuI2O8vFuZCROI54WD503QeoCyQOScHFB2tafki33YXMNWNZDPZIHNw2eb-2ArAkCx-HmP8dcP2CtuTzOaRw7UqfYMedzRdehupODA9uGwenfvLjuicBGGlW5CN3MGTtEb5vgeyZG3wbvACvan1MRKks2VK8AgzzS0I87PzdgmXIWseQxBSyUAwPVLC-bnC1kpmH5NYPRgrrREO17xeWrQbUcKMejGSUVWNjO6DI5-L0OxEzPY8X5h9HofjHNVGp6tfUpu5BtyUSkNVM45ChshaNLO7nIwSp5F4XYk7z3nyZ8a1oTuMCAlOeqFMTNumEeBT-E0Spv2h3vHDMhvpCn-qeD7WV8bfEygMh-0PerlR6wlsAsJNnl5-3JkyUrTQW_tqs4o-FcTUEDBxvCHm76kBatLqQ8hhJAg_02UqWPWUtEQECplptmYn4o3r9RdkUTv2mMM_EpgabkGU7ztA5RhXM1Lmy9-nEEJMY2MvZr3zcq29EuApw_2Yd3-_PZyYiMNx47aYF69Nzc80M48PaZHNabG7Ni0EeCbPglhsN06VPQMlj4ji1aJ0IwmyyQkBUb4nx8i-E64Ab8Wlmvttk_yBV7jNHujwl7aojaK-ds0vGBEBUAnkXQWFaOmIf-iMXa9-5E5FPQE6jCE325eUvilqLqdinJKEMJ7jYraY__TbdR8Gv&cid=CAQSSwDUE5ym3hz-wbhNVUjg1GYQB6YElTCLr1JXq2mEM6HlGk40cKDFWuw7J3tSl9joedLUGjP3ImwGvBnn7JsiGX95W0TPdtAC0HyARBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=3275671535494826500&adk=1033480531&idt=145&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame C42E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8DAA 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8AF6 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AF6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn3xF1GZBQ3KGh_GUdldb0ZSV58EXTHEH56VjbgcUHDJmmIxSnBI2ENY_vPpYJ2JjNZWABLedOdNJGK3-Ekub8qY4pca-kNrSP4kY796St53yvGvY
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AF6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4086399203993409190&x=1&ct=77
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 8AF6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hfS0dCtqLYta0znrLugxpW&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16722942388&DVP_DBM_4=418318611&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=167055432748&turl=https://www.flaresenha.com/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame 8AF6 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0hfS0dCtqLYta0znrLugxpW&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16722942388&DVP_DBM_4=418318611&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=167055432748&turl=https://www.flaresenha.com/&DVP_PP_BUNDLE_ID=
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e2bc298e6bdfed6bba2707538ffbcb6e8ed6995f3376772d972adb298ce382a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2023 10:56:08 GMT
Server
Microsoft-IIS/10.0
ETag
W/"0d433c8e23ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3337
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 8AF6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 8AF6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
l
www.google.com/ads/measurement/ Frame 8AF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYqvPum66-b_XnxSi6VM844yVxgmDE0Saci1qu3TzSeheKNsOzRyfD0zYGhA7kUyp_CorQj_jiKQTHvGUCb6bMKYLQSQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8AF6 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:52 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 690A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuKDOWYRxSvfAaLEB9dlPC5ahdhtz8MJ0X5fKshA6ckNXiAWTUfeC98BPkQNpfnd79LSPsE677FAtcYSb4N87yzHayLHClvC7-b18p30qcfD1u1LqtF9c-kNh6RMtUoe1dvgDFs6MjJvQaqXkJboxI3QJnlhcCWfUy6O0GXJ6_XbUIpmvEPq6ZygLfZiFAxY1nrocJRZhFs3Qe0hiW9QqPvGqcYFtU3gpmF63GF5St2Dkq1WboojtMuks82FvyJ9kzK_ixoyyC5RVfdKKT2WKy3yl105DKYEZy5COBTMvYHrPUv9TX2pM-fTVudrci4Nb0VqyEqTMAKG7gWUW5thnnPzW2GbxwwDy-czYOZmwt7PI7skrOEsIIrkhbWAVojT7BGKpvHIWVpduATwZXdw9DvlLwfSpsd6ihfumm9fyfm7hu-UpP8j9LrwslLcDvx-qSBB9Wbhf0VxU95gkz5EePYM6tbPukVRFYPILrr5VoDK0boMD3LzF-9ulTZUPW0WsmZ6J_Sc4r6JiC5FRGynItOQ-BdUXck3VbtnKTqePe_GYUtq_MmDxkFEkgD7kPEvdo_5cuq7AVjwLH48FUfqSzLe6ftEKkwx64AnFegs_wOk-UrIz4OUqsBsJ92DIQkccRFkJOmn2Q34lMQPhSxWd-SNx6ce4Fgcw0fMKUYW7s0Q7orj2cmqbd5mmMU0x4sipulYU1hVeaeP6RB4WnuO04o-rv_u_ecH-sHrR5nN1Piu0UNHW5Gsn1CNQOoQCYrvAJBVFDSEfATOVSzyQv1bz3Wfjnf_bNm0YTWlB-jVAmew9bnyCJTGLXe7GxWj6UA7lk_RCbgrN-ctlwRh-5WVJEZw_VuQuLLjsM2OmYksR-fzUDx6skYjnVHj140u4j1Txcx-socJ6bW1yy1vfy4_bxnFmBUArT94I-h52mA7GSeGUvpV9K39yWtBp73Of1oPyTGy6-kpWpzy6HHX3k4WBdMWNg5rvoTMedUwFAeANKAXdKDpLNE98ZLVqvx5SzAvOOKcfvrzq3FHPdtnEqf7P1zXSgnWpHyndFF01SnCECnv2LPE03zt1FvRYsv1x_WLQJjwc_TFcpATQBCiPB1YL85dvXFzRAe7W2BqdUJ2sTttW-RsNjiR_Y-InVvsOKIUmQ-pfYKfD_Ptc-5qrlHcNodQvSOTsw71jLvuFxCA-1yUpeK1B46o7gj6L1VNr4IXVvIeAYbNn02gC_cQpuZd-WW5ZmvR1eAVXWP1Pj8sQYZ4sijt2_VrmaoapWE0ZL72VY7PkaCGIwWBzRR3eq_ALQIO1B0B2ka4UwGKuKJtheU76ZppRaToXzUThbp&sai=AMfl-YTHmnln5jKWg0o5soThpkM4IG9RSEOmnyk1IBrIe5XKLUVMPDiVoZNJmnDdJYIR6C9lMTUR5k9UHZ_C6MG-BsDp-sRVhWyBsxT-dm_1j3762GYcwzN6AKMIHq96RmtAqYgiXmzrZ5V8Tt_mDg8k1A8MhNH-R4z8r1Vs8b5XEodiHmIvdMC9Lph2L741GqbyQ9Oa51Mmd7Gp_bvwKEcQDOqxE95gbM7UXzTJZ8o_xsItRzrrysA8VE6dp68CllnxNJSWmzeqPDHAR_5ob52lWPs5GtSgbXlsTUsT&sig=Cg0ArKJSzBzTPAq8-mJyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=656&vt=11&dtpt=408&dett=3&cstd=240&cisv=r20230206.70565&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:52 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4365 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame CD99 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05b7286cd07d7e6fa43352322f67c4d650d85cc886545e888faa759d183b6353
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5639
x-xss-protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 85F9 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 17:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 17:08:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 85F9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd-MDGc9tCN7mnNf4n3M28Gy9wmBbklAZUe0OPpuMjrKbYgNAp-unm9LIayEG1q8749K932Qirx8plNkwkpWJGJMr046kf7DX65n-w4SF2bYE00xs&cry=1&dbm_d=AKAmf-C1VGF61webN3QVv_0yMEzTcX3EkBb0A0sxiAP-IefPyriDuX6cKMcvhQ9SBeefM938cVcu9bqBqEZlYX3aRJnpwXsMw6EI0-BAi28dKpTSt8Pm_7jOya9uT3gl72Dcvk5lVmcv_pROqQRvIXAb8_QqoSQiaMDmIkDst-GV_1RTSaR68vssvpk-Zo_5Owlw-W7dPWDxIikgWsZr6SylDIUXtS0CMyYySKrd-oJvqez9UgYOf1rmvURCSpEciaxccUrHVKyWj81zBbZm_ShfzKxT7rvHHxirAoi2pCkSfX2bTz_rRP3Esv4vDpNjzOX5GEQRr6zGvmedJVxTSZuZfJp4qJ6h3XkMBhrNMcnGzPAQF144qhnOC7qCKZg6kX9frgjxmOSFHNcD9FHsgaPlUzOJetHTedVJ_SJCEHo_3n6LNBCiVsbY4i5pW3JaLhCl4aIvmbGmowrhIzZWX8zly5hw-6pbbMuv3JyFnRICp30ULHF5FHDWdVDVKKLSYyXWWCD9g4n_FCrqCuymCo1xITpGNXL4JIKpJzBhJLHYiyigSA-MJ0u7kn18Jfn7DLOzUh-rdpd7l-CQmGkNLhT618OLUiySCpmYEA_9oJy2DwZzb9d9C4aYyKs9UxiPnJXvSHPdmrqbbP_rWN0Wj0OBtC6yS_TUTipDde3iZXevs2kNRK2B25xvPFKFf6zHKjrfz4bI9TDfoXVmJxCd7b5nlwd1jM3PrUvAXbos1bEtaIwkFe8LjUrN1749eOjPyAaWDQfGvKrMqx-tVYOTyXRIf-iWVhdNvgkPnk7WS4cotuVOt87u0VLHzHDzq4n7gRb5fxtHOWTZ3JRT7dJiMl6tMD9pmTOiyyA6FUoBXByiSo6cOjQ0NKzylOjhgo6XxHU7cKi9KbccLyehQ3wfO_DZ4qqW8kdWI_2Y0LbpgMIdYU9orw4lSsSuajbvwMmQYNZK-a-P_LzquOOfFKJs4Od4FVzSWUKSZG6jHLvaJOs03VkOc_wwbnlcJzNUFyjq-DYUaywTs612R56coTi2xAlZSnJxn-MP_jf3OwoivTwiFEeMgNImv0CdRO6nbhCILn89ppwPW7u-ebLdvb6yDRZR65k0ul9XtXHOc0XF8hCtoKjmsP0anwTJ20EEqMIHXrzTHR6p-7brjaavDkjd99RKPXV-_2AEgTcYtWUJuT2YM9WYVvx9yY41zfzhuoh8S2B4O2WDhBMD9lr6V6cGis5PHV7Q2_C7aeudisLq--u1wKNm41KfZWgDrsbb6ot_K412cjQq2JRJiNSRWMhf5kyQyoJnge4Z0ZrRDAiFnE_zpQmOpYeMUnAAHaWbqQTqcH3yTGVgkJMSVCgyYG7c-JccDniCSyIu1JGSmzoJIDR5s8SEy5ForOS8s2vNDcjNLmbzmHEdytaqwLiZNko_ZhFk8TwqoGvakcsa3RfluFeZin1qQnHTqs7B-UAYqfGE7J804aQF_7ksOEVzfOIePxwuzi5WmNaYL3nsJYLnZ45Ugh8hsiWLcWe2aUpuU_Ft-4UKHRkmWfhKwL1TkmQaUtMi6lgvculCzoNRFjoxCz4wwJmgff0mp82vHc0dDm4qfRzrkIHF3UQM_E1K8GUFqnxq348WkeXmjQ7dIwi3phNYfa4Amg0pNRicyzGxjbQ0rz8zpfkykZxpUpJFdrtkBhk6CKqOZbk_N5ST2DMPB35slTrcNLJh7Z6l2mEvQAdV5EJCAmHmGL1I9Ly36-hp7Q8EiXYj8RF1V7awqz5opD4T7CWqaXy13_G0EvOIcmtOEBuDxpKnMhKq04ixWepBPQITR-q4NDrumRRLo7cpjIhKFTqi3DHySuK7lhchqbxqrvCn52C36Chc5EOtGe-qm6_apJWhfbg0tZLYQesYNgVc0hhl8LhVIs_PFkiy3vfS0PqAP75qCfOkNx4YbubgEpHeyZUZSizOCbMeJzvR32B1I_PZQoSOGRfQ-e3V3re8pf784lQXEzTHWltfEvDE85nvwZ0BWb-How-3pOv-BjwuVyjMf0v0F_m4YN3PObEMjpvx1QjUOrc3rd9azjoeWalEjYI2Sl21EDskGSIMvjfL5mELv6y1HbIZy_Py88E0aZQJbUeeJJsIRR7jMZYv9MOhPGWER26UfaAaukaQ_6BN7X84gpjh4o2SQYqGC_cDDyL0TAKt880Aoh7-m_xnOr8G4Vc6dIuQI699n7YoSOusL1jsEtm3sS00iSrfUbNTkyCJ_gXNfEhp3TRqmgb4E2yrzqUoocG04ByZ00nGR-lRId8Urd0XG6J7ZJTF_sozDRF3MaE_EBW7umDZHGSiSMNYhhSdFQZmEWYt33-TQUcmGVwo5pahIKc-0dpS8isZnPDY0t3IF15IJyYzNvDA0JEKvLy34H2ZappmeKqvvD0Es_UUZe-WwdFCNzc_VUH3ot2Sw7Fcg092jcJVTqre4OXJ9qMWQzoksABPoq46ISpbMwgH3uD_wY6dtJDZd1zKmOqS36sS7AKeA2yCw89_J3x3GtPega8dejx-WqUCGZVd6zfDH-3iiEJp6TKyYRnOx8V6K5_6WWfzMpufTIzkNY5i11DVTIIRVB1pgGPy0ZoPhfAMNnkSTcwbsriZUpyJNVqJ3tvBaHgut-1dAZqvna5mGCtERe_4svRZKnTMXewD9tIhCW_gT0Tue3P8z7lB97OclyUIYoocouGuZpebbQwdxEPyLiIorNe4OVBE3e8aOq7AkuX_ThmxtdoMu-pQ_JZYDibCPILd4u07dVXV-K1ZvpLe7MkymAKH0Bf_EyXclml1gpXPmcVdhZWZ0NUfuMwdKDxxkKyZiyqdRgC-d5iWMOJJEG6rUEKjO7IzI_mIt8-zemakOCCx_gI24CxKzjPLlKgEpPkWMnfnWAlBmirmjWtD8PvYwjg9FzBjOeeEVUMRq8c2f5NQZurv5aPyms6xBD8gepGGhnf7YMHFKPXLXx1kSGjR36i0c1M8j4E3inKaS-7WsGxPcgcx_YraAVI6fmGhW5FCmVHICznK3WzFcTUCO9tl9nZKYC74q2m8_KhQdExt_GFhREBwKdLOvJtO6zfpRV5N93RP0Xv_T-OEIkM1CS-G7CRViZ00GLFy0YJHiJk7YUdy4caf2-y0KsY02NJg3ebNiYPcblBMvGGY7ZwxkN94CRSr403TyN3WQB3lrZU-5POtfh0jX9_p0AoRYbQndzf5dsD_CSGHO5fruCXDgvwo8sG6vFXxYWNr0nIZNRQXWUPIUYVbHSxP_1kRMZma45Vvp36svB4udLWb0OBSPbeZi1_jo_yJljs0Bo67z76snoP4-LlD-hgSmIjqXMv92TG2-oTtqh5rTAikPH00GVYyzOvYIYfQX0FgotYbi6GsTpY&cid=CAQSOwDUE5ym3KUMEzJJj9zZQ45M9zG1LXJf0JYyCFThMXfijs061t_tGQ_4bnGYGmrMO8YK3m5b09dnuLVvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=2630820520763288000&adk=4188270525&idt=101&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 85F9 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bd-MDGc9tCN7mnNf4n3M28Gy9wmBbklAZUe0OPpuMjrKbYgNAp-unm9LIayEG1q8749K932Qirx8plNkwkpWJGJMr046kf7DX65n-w4SF2bYE00xs&cry=1&dbm_d=AKAmf-C1VGF61webN3QVv_0yMEzTcX3EkBb0A0sxiAP-IefPyriDuX6cKMcvhQ9SBeefM938cVcu9bqBqEZlYX3aRJnpwXsMw6EI0-BAi28dKpTSt8Pm_7jOya9uT3gl72Dcvk5lVmcv_pROqQRvIXAb8_QqoSQiaMDmIkDst-GV_1RTSaR68vssvpk-Zo_5Owlw-W7dPWDxIikgWsZr6SylDIUXtS0CMyYySKrd-oJvqez9UgYOf1rmvURCSpEciaxccUrHVKyWj81zBbZm_ShfzKxT7rvHHxirAoi2pCkSfX2bTz_rRP3Esv4vDpNjzOX5GEQRr6zGvmedJVxTSZuZfJp4qJ6h3XkMBhrNMcnGzPAQF144qhnOC7qCKZg6kX9frgjxmOSFHNcD9FHsgaPlUzOJetHTedVJ_SJCEHo_3n6LNBCiVsbY4i5pW3JaLhCl4aIvmbGmowrhIzZWX8zly5hw-6pbbMuv3JyFnRICp30ULHF5FHDWdVDVKKLSYyXWWCD9g4n_FCrqCuymCo1xITpGNXL4JIKpJzBhJLHYiyigSA-MJ0u7kn18Jfn7DLOzUh-rdpd7l-CQmGkNLhT618OLUiySCpmYEA_9oJy2DwZzb9d9C4aYyKs9UxiPnJXvSHPdmrqbbP_rWN0Wj0OBtC6yS_TUTipDde3iZXevs2kNRK2B25xvPFKFf6zHKjrfz4bI9TDfoXVmJxCd7b5nlwd1jM3PrUvAXbos1bEtaIwkFe8LjUrN1749eOjPyAaWDQfGvKrMqx-tVYOTyXRIf-iWVhdNvgkPnk7WS4cotuVOt87u0VLHzHDzq4n7gRb5fxtHOWTZ3JRT7dJiMl6tMD9pmTOiyyA6FUoBXByiSo6cOjQ0NKzylOjhgo6XxHU7cKi9KbccLyehQ3wfO_DZ4qqW8kdWI_2Y0LbpgMIdYU9orw4lSsSuajbvwMmQYNZK-a-P_LzquOOfFKJs4Od4FVzSWUKSZG6jHLvaJOs03VkOc_wwbnlcJzNUFyjq-DYUaywTs612R56coTi2xAlZSnJxn-MP_jf3OwoivTwiFEeMgNImv0CdRO6nbhCILn89ppwPW7u-ebLdvb6yDRZR65k0ul9XtXHOc0XF8hCtoKjmsP0anwTJ20EEqMIHXrzTHR6p-7brjaavDkjd99RKPXV-_2AEgTcYtWUJuT2YM9WYVvx9yY41zfzhuoh8S2B4O2WDhBMD9lr6V6cGis5PHV7Q2_C7aeudisLq--u1wKNm41KfZWgDrsbb6ot_K412cjQq2JRJiNSRWMhf5kyQyoJnge4Z0ZrRDAiFnE_zpQmOpYeMUnAAHaWbqQTqcH3yTGVgkJMSVCgyYG7c-JccDniCSyIu1JGSmzoJIDR5s8SEy5ForOS8s2vNDcjNLmbzmHEdytaqwLiZNko_ZhFk8TwqoGvakcsa3RfluFeZin1qQnHTqs7B-UAYqfGE7J804aQF_7ksOEVzfOIePxwuzi5WmNaYL3nsJYLnZ45Ugh8hsiWLcWe2aUpuU_Ft-4UKHRkmWfhKwL1TkmQaUtMi6lgvculCzoNRFjoxCz4wwJmgff0mp82vHc0dDm4qfRzrkIHF3UQM_E1K8GUFqnxq348WkeXmjQ7dIwi3phNYfa4Amg0pNRicyzGxjbQ0rz8zpfkykZxpUpJFdrtkBhk6CKqOZbk_N5ST2DMPB35slTrcNLJh7Z6l2mEvQAdV5EJCAmHmGL1I9Ly36-hp7Q8EiXYj8RF1V7awqz5opD4T7CWqaXy13_G0EvOIcmtOEBuDxpKnMhKq04ixWepBPQITR-q4NDrumRRLo7cpjIhKFTqi3DHySuK7lhchqbxqrvCn52C36Chc5EOtGe-qm6_apJWhfbg0tZLYQesYNgVc0hhl8LhVIs_PFkiy3vfS0PqAP75qCfOkNx4YbubgEpHeyZUZSizOCbMeJzvR32B1I_PZQoSOGRfQ-e3V3re8pf784lQXEzTHWltfEvDE85nvwZ0BWb-How-3pOv-BjwuVyjMf0v0F_m4YN3PObEMjpvx1QjUOrc3rd9azjoeWalEjYI2Sl21EDskGSIMvjfL5mELv6y1HbIZy_Py88E0aZQJbUeeJJsIRR7jMZYv9MOhPGWER26UfaAaukaQ_6BN7X84gpjh4o2SQYqGC_cDDyL0TAKt880Aoh7-m_xnOr8G4Vc6dIuQI699n7YoSOusL1jsEtm3sS00iSrfUbNTkyCJ_gXNfEhp3TRqmgb4E2yrzqUoocG04ByZ00nGR-lRId8Urd0XG6J7ZJTF_sozDRF3MaE_EBW7umDZHGSiSMNYhhSdFQZmEWYt33-TQUcmGVwo5pahIKc-0dpS8isZnPDY0t3IF15IJyYzNvDA0JEKvLy34H2ZappmeKqvvD0Es_UUZe-WwdFCNzc_VUH3ot2Sw7Fcg092jcJVTqre4OXJ9qMWQzoksABPoq46ISpbMwgH3uD_wY6dtJDZd1zKmOqS36sS7AKeA2yCw89_J3x3GtPega8dejx-WqUCGZVd6zfDH-3iiEJp6TKyYRnOx8V6K5_6WWfzMpufTIzkNY5i11DVTIIRVB1pgGPy0ZoPhfAMNnkSTcwbsriZUpyJNVqJ3tvBaHgut-1dAZqvna5mGCtERe_4svRZKnTMXewD9tIhCW_gT0Tue3P8z7lB97OclyUIYoocouGuZpebbQwdxEPyLiIorNe4OVBE3e8aOq7AkuX_ThmxtdoMu-pQ_JZYDibCPILd4u07dVXV-K1ZvpLe7MkymAKH0Bf_EyXclml1gpXPmcVdhZWZ0NUfuMwdKDxxkKyZiyqdRgC-d5iWMOJJEG6rUEKjO7IzI_mIt8-zemakOCCx_gI24CxKzjPLlKgEpPkWMnfnWAlBmirmjWtD8PvYwjg9FzBjOeeEVUMRq8c2f5NQZurv5aPyms6xBD8gepGGhnf7YMHFKPXLXx1kSGjR36i0c1M8j4E3inKaS-7WsGxPcgcx_YraAVI6fmGhW5FCmVHICznK3WzFcTUCO9tl9nZKYC74q2m8_KhQdExt_GFhREBwKdLOvJtO6zfpRV5N93RP0Xv_T-OEIkM1CS-G7CRViZ00GLFy0YJHiJk7YUdy4caf2-y0KsY02NJg3ebNiYPcblBMvGGY7ZwxkN94CRSr403TyN3WQB3lrZU-5POtfh0jX9_p0AoRYbQndzf5dsD_CSGHO5fruCXDgvwo8sG6vFXxYWNr0nIZNRQXWUPIUYVbHSxP_1kRMZma45Vvp36svB4udLWb0OBSPbeZi1_jo_yJljs0Bo67z76snoP4-LlD-hgSmIjqXMv92TG2-oTtqh5rTAikPH00GVYyzOvYIYfQX0FgotYbi6GsTpY&cid=CAQSOwDUE5ym3KUMEzJJj9zZQ45M9zG1LXJf0JYyCFThMXfijs061t_tGQ_4bnGYGmrMO8YK3m5b09dnuLVvGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=2630820520763288000&adk=4188270525&idt=101&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
file.mp4
r2---sn-5hnednsz.c.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame CD99
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-5hnednsz.c.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/acao,ctier,expire,id,ip,ipbits,itag...
925 KB
926 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hnednsz.c.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/46E42B4039E980C6D42B798C6BD706CB847873E3.343A4CE7E12F729527F9C45853E985AD08547803/key/cms1/cms_redirect/yes/mh/sN/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
HTTP/1.1
Server
2a00:1450:400e:11::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4f5263cfba730eeb8fc58fc292d855f3ec45d6313375848e57edb341466e0509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:52 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Jan 2023 22:18:08 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-947173/947174
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
947174
Expires
Wed, 08 Feb 2023 13:18:52 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-5hnednsz.c.2mdn.net/videoplayback/id/ad20b679cdefdd19/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1707398331/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/46E42B4039E980C6D42B798C6BD706CB847873E3.343A4CE7E12F729527F9C45853E985AD08547803/key/cms1/cms_redirect/yes/mh/sN/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnednsz/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
649
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/ Frame D1E9 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1679
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 05:59:49 GMT
expires
Thu, 08 Feb 2024 05:59:49 GMT
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 943C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRV-2MJL-_v-jccrkwxTacO3C5kXE3N-_3SxUZHXocGKWKlBKpFrOrKrCBJaMycH0cJnX7Id5aPYf9wnkh_vvNFeHwndVR1-6ooS0yKn5YkJw-fktOxv0T6uVARUkZ0NmYomQnEVS26CQrvl5RwARorwuok0P8FYQ9cTTeMmiMYZu6k8ndgcvYRMjXfzJRFJ4lYqFGxhbrNnxbhr4LPen0VHuep4zqK1nlzSCjryGzNg3i6lb_Xn1wn19pHCwPlqLWpKh0mFt-0hAd0hdu908n8hadV6LkRIS1Ej3yqQj1dPLXlMIOwUlYyiQRq-03OopevNyyuBBiaSbgG1VeyrhF2fVPP4uvCAMZcPfSXZETI0ygxFm-jKisDNUu_8WthmMSWHH1AvclHwaBic4vAlGYFV73uG7-ynEoEtCNY7ycBgy9sXZIM-skd83RsINI_CFguVo7nBmlC0MGEbdR1UKrxQsvlLT4mnAeAm2qSeZhqovNxfuVOUwz5vRCkjfK_xaM8hHDZpFYp0_wiCuM0u2vDt9PBOc5gbkccsK5eYD9TGHAGyznn6k9_0IJaJW4ePLKRVMmmF6Ia3wNvO24jG998p_jxKarwm5laqKY3o4jUYVfVI4Wg4O5SRq3j0_ym8FfBqxz4vydLu1Q2GYSZ-v0YyEa6mBoDLiyVktXdMddjX8XIoV--jRsxMrVgdMtD7kTuYjvqrEE1pa-r6ch1D56oGjnH19WIcJEV3KO8bIS05hFFeGnEDM4q0yMEnwraWmuIyrht2jHwNm39K-40PEjweS8Yy4IJdKC8xTLH0O3Th1y8uvFjIyaJiCN9fDU3q32T2iyX9Ns9ZDtn32njVZQQ20-80HL7AfXmbx_T518H4RTFVWahNGvw8-rrZgfk2oE01p09KvaghMm4kvN0DbqRFQPRGvcHOh3-nAq2XN6qR8lgXiVFU_fw3MVOhLaaPuxl9Yyh7jG2Wxr2zsYyO3P44zIbobYomzkwbBJ-4i7lajfCvZpneQ6cnxCACe-FF2JwD-U1FUmz3r3oL2RVH8R0YWwA6z9cU64e0WwIsziBzfwwS90mq4MFs2onRBm8PAVSAALjKxgxICLj-8OBci44m6YLUtGl0QD5BMhMGtJ0GwsEULKYO2GKEfX7QfzOZxPdlCTSPNqGtBo_yEXZU9tsdAdLFW31I2lCx_jIOqeL6H3lPoR6Ll0yP8YtlI_wGEc37XLB-ifmspdKasf8DRmG9hiFMMRDxiINgHwU6s782h5ZbVDXIgs8FEvKif7rJnomaBzNMvnOCoCqrDZJPiGLNrf2k4uxbUU2pes6eqlLAk25W2ALB18u-3l6x_BieQ_dTM6hAQBV_cF9W3ptM_pJ4TPEwqOqBdvpMACK2YB12ux-I1Z1rEMjdyrx70Pww&sai=AMfl-YSVRS-7RRYEYesHP9yYtUcawENEq8dJ79DFuRehCqu3Ht2vuROa_e4RspjHkevLFMsKzwabNThO484wl8BcGXKaTh3QmKwELXIkQL5xqXC26LLg7Ci_phzkaa4Asel6TupmBbYrtwj_sRolnsDc1Qk3Ifhz4PNaowyldFM42JT1SGXagg24-Bw4vpltf4CKnGWL0H6_is6w-Qg3PQs2Pap81QLDivN9_WftJnVPsrKbj_VhvlfeEWI0_cVz20P-YOByTZHEq5KUBFLVCyp6bvhSJAiEO_r2&sig=Cg0ArKJSzGyr9fsAvKtNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=183&cbvp=1&cstd=180&cisv=r20230206.41256&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:52 GMT
file.mp4
r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 2064 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-5hnekn7k.c.2mdn.net/videoplayback/id/a494412f6e826b24/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3818542223/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/845054817CC9DA2E7A31548D1B16BB2472950510.763BCB19012056B76EDDC340EE16D45A130AAC60/key/cms1/cms_redirect/yes/mh/Ke/mip/2a03:1b20:6:f011::5e/mm/42/mn/sn-5hnekn7k/ms/onc/mt/1675861604/mv/u/mvi/2/pl/48/file/file.mp4
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:2::7 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
f2d72766c3c14cb1092754cb54e0c39bac0e3b16e69406fb269da09129950c97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range
bytes=0-

Response headers

expires
Wed, 08 Feb 2023 13:18:52 GMT
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1347476/1347477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1347477
last-modified
Thu, 19 Jan 2023 02:09:27 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
client-protocol
quic
gen_204
pagead2.googlesyndication.com/pagead/ Frame 30FC 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4SK5OqHjY6etNsql9u8Pv4qb6AIAAAAAOAHgBAI&bg=!Y2ClYDTNAAaq5O5FiuQ7ADkAdvg8WlhhPyaPOwP-llKa3vN5r-YjyEMPYx6wYZe3m3yDLQyoYJ1MYOUDKBWe0sZ15Zk_MvifYeMCAAABkFIAAAACaAEHmQMByz5e0-P6cVQz9Y69ot6vm7so1aR7DbHj7nfefXEwziw1v8rkszUe3eB3pImb2JN96eema6P-MZK2o4-on1V1RE5tNtGMHMnUbTEeY2y7TrYtN65SONrfE9sReTDw-UUuiCpeYk50u4lWBvEqgdt5lXGxLsbn72uFAkU-A_rNlXsGv8esdKETDTSlcv3XrmymzA3uRpd65jBuLHiR5D6hTdX38Ij12gcJZzBzSOGGVOUlVtdByLXjUQ9SdVBx-fm9wh6w2pPAKVY4Z17lnkXcarEqIr1YyzX2ttjZjdpwLpDZtINeZKJIUl7mzU73GPW4Bq_QZqnjZv-pBYLZd0om48l9xONYOy4r9EQ5IP0mlRtfLsD62UR4YnkR7_cjZex0eHqxo9RwcmH4lHuAkfQKpbzZukfCo3lTO_qZZBMXPrqkooNln38J2ZkzYvKUI44CeMo8JaHqicz_Bb-5-TzmRWzbDwwBbMY15_U62GofeNxZ0EkVu4mfzh82SuVZSaPYwcBN3fv_X89pCHmRz341MFOjkiJFE4-5AdAdfYC4JQpnLTjzJATi9L47ougnWs3JSTYGGIlkj3Ca1O3EKYeTMHlv6PDf8faODDq-sj3fj99Ln4iPxeRuipwg3d79UrwxjPni9SNadkrpG2ln7BY9wudJZhhOE-gLHz8r8-eUAUNWrf_cmLJVrjmG6JMtNMtPw9GkeqY0MZ7PEY55awXmfhv7kasQ8A5VXhbr08bHiCfCmvopeMQJ1OnrKpa7oVpDItlYY48xO2xMAQKF_f5wPP6bUb3roun6U1yJXt3xJ2kFph7PUeXE5iVAjZpau1eafKaFLyKIHKe2jniBumujnP7TWsKCiaf6c6mbalx8f0fLjiKxRMNsxyfI5g6caKnkOtI2qLOMPPlZEu3hBcjI3C5dbMeZk5HNlDbQtxjV6FBXY7sbuQkiiSXNyWy8rQkVieKMVl6WgCesVyS_npo7BFwVFU_M1YvCRpCNyXksBCcorkp4W64LXwiWnRQjCCzvBA
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 943C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
truncated
/ Frame 943C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f8c560416b97eca5e02b75ba527d6dbed3403648596d255fd360360633853e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AF6 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7731617516079&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AF6 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7731617516079&version=m202301230201&ct=77&x=1&cor=4086399203993409000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8AF6 		28 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoP5HRfhiOKuIE-oOOuWUeUkwwdVdcgHS0vRWr-IUju9abwU9J1ffwCfIlot4ZjzK7Y3XGQCVayr5JQ594-AT6yi1hXgE6wcloFLP3jb4yv6J0NT6VHiZZJ4K-k240hodMYpvGeGUJE2KXqJ-LIE8vGkAhBeSeTOrCaLOvKTbynUjFD5M&dbm_d=AKAmf-B0f8R2DLtEalutZepMOV_-CaZJss9nL8O8Rw91wweOXwSGfpgWhkUhYPASASxA-ZdyqsrFFxypBc3mItVIk0S7cQsRVaR9wmBQ6TpVW3p1TcAOaJrZI-YNBdICKY-HfNj_O9RPk4mKDT8VXL5Gy1FbRKPYYXg66fuFQ1SvHue3Fgc4IBFASHavTyasEBYMdDzMSBKA3DUIt3-8giYE3a-yPnYx_mT3D5jYfzZB9RK4b6jHVp3Q3vsGrS9W_cRB6J-ZDl5OF1X7wOS6M1AjqAMVbJLRaQlZukdJtqJ-4T2I6Gz7XvCHUruzdhlzZMByvLYEqiURgzEQz3Gb08uT-Yrry3xsGDZc2GJyameppIxyjLgyK_3ZZuaaRJMB9KXircv9U4A-lR9ZeUUJ-o4kchE_YapO2i3en9s2su4Okf46EdRQscRZ_NQFwA9tHPPGReZFZhbGQQLXhugO0LtHdMxLtoCHItOdZDCkXXTJFi7pTzuZQRGQDqn1GGuKUAs0qY_ixV4w1_cySwSlaGw1pZ45A-F93Sv4QfddIFbpE210VC7xswDSYt9CeIo1si6Q6EEmOBjCuPFl6gAZqZOsi2VGIg9jOBKQdADOLB7QhQZoAWWms4uI7WIDnNbgAi9bYDMcmcSxhkBkBsvn4t5IsKuzxTnH5u3ZsruhY_8ftMvdngBz1WuywXtMXI1IKktehoMoLWe9UMaSdC3h-j24KqpNHIRBZVYeEgaXdfOKXIClSiGvmmV-PAmWOhuJ2DfQ2opWQ4_69iPAqCJIL-bl8y6mL7T8Qahl5jGFURawL8S-HwJ1KPkyMyfU49eAVMLXmAxTHcupTfALjL7cHBaLjLxooSUModuiHNfbHBkbbxKCKJYVphl34ZYaHV9f8J9TngX6yENnM5XKQlGOAB3wNIjWW-y7bXeSZ-qO9JlVye5AO72qu3a9-SlNHCt5LSeRaVJMSshsLr1Nl3Ezp4DfnhNc3p784_8a3M7cYyWb2444Exm2L4YrhdD0Qsi2PEbS5waHGRwzbVtp5l-e4leukZiCP4-32bAh-t5JaSxfFauSfPD52Ta9u8peqwTto60Nnnz6mtBrCHRgfiXzwWf6m1bzoAyQv5whA08cx--t6_7TDmTwtU4_96crWTECO6JxqAPbT7Sq9ya8rIQTusGLDOmhP_-7K50LBaWcC1MyTWFMwA2xcr-3UvLHZbVZ581P1WFvYaSgyfdL6EvWoUKXZ2F2mXIhiE4zWsjik8JCmOAPwror1qI056d724WbkyeQNdq43mjsK2OImgkTI-JZZbycw0-h2NwLjcSb25d6KVPl7QHDUkk2FgXeRnaMQTYGiJPoreIIvbOabNOCDXFZKyW9YMJVyWgdIFaj9dbS1TGnlkdSfOw1XvPVJNJibq15sYLk0cUdFzR1cHX85P7_h2KyXDsdTORsG_5KBU7k08MD7tMNDq6eZsjYpL2lFsyS5USm2DjrrAh-wxzpbxWy5JHT6cfuKblaT84O5EHjerFtLNTwT29fMQwquAKJZah3cyMab_Tt2dh6UzLzlktXYl8n_Fmq7PCm992T90PcI8_-RaS7Nx6O3jH6ULSRCWl0u-TcpMl0W33YqL8xVwY_yh7vJ40ByssH8WPOksnj9A9Y9GO9hq5ekMpZM3kHnNE_7g22aKP2rcSIRRr2MOSoFW5qkUjmdpbyaZ9a6qpEPuFqIod--lI3yvRNX1B8ibrTSsHeaSBnq-5A7w7uLy8rnM4EGQAgThr0DSDvHy9KU56yDeZ_exmiLdmMBUnh6R7vo2H3Oz0MCjag7cV95Ogx31OCV7yODLhmG_j54iJSG_uK-FuhrfVl6ldKMk4n1s0F3-qGgpWuj3gtCG2ozB7xKVlszc60R3DF23JXtSPyEm1sASgzgjL_d66MmnTHrWA3u9TkVI7bbYbHR4I6Dn6Q7S5J9w14_XtciU6aAMjtFtSHWHt0xzXhpLnuzNZ3oaGhzyMhizQDCWBK3-Gihf9uGsQSv06fNGAfM5UJPipqYams-Vh2eWi-ZjTb67enzDrRLEikzuDnVZP0mPnZIzW-074CDKY-yZc68NhSY19MAfA-MrfYkINB2ra0hJJqmGNgVzi107R4WG_nTKKY6gxBAPicGu5TjZGedVmwbIzElQ8q5QKIC2It-zS8k-fv6IpoHATfzgx2N5IuczRznDvGuyphrac-RgV5pTHGRaFKD00jK5-lRPWkJea6z8Y679jVs8qNwpWKNNJPNjGx66AWCizspEFQtfBhGvNUry9os7roVycUsTa36YGktoCa0KQToYvtQyab5Hv5T1bBZ_qFkOWCLlGUaXFhMtaxVWqsJW2eC-QJbXkn99Njr-aVCzzqm97yiods2x8SmYtnKBfh7_J_f8N5fRxBlOVebBPeI16Je34sfSI--56JzqeAm8QLjirSaBM6fo9Lmid77swP1kB-5Aao8UXVHACeSKPJifSIBcPMbb82p5YrCmIlQlb61-sYTV26b-hiclQ6CihpaIEJJo3iVxDFUySv6Xc0bm7WpkwCPxEtJVSwrtjCYlfNjzUrMGk9a_ABnRIhMK4QBbegw3OG6yjxRPuSdBWSXYOBFxEMvIOpM-e6MLNxvPW6nNlOShEIvU6agQPHYplQk_Ihz7JqADUbV7uloWWEWiPyFQCNZqfcwqx1qhmDdcgkN8jCaW9KVndBqaRlNfu0PQJOxmcSTbGj4onrcSGtexaej2XWdt6uJfykbjxrayjCFLc9XQ9ZIxx4Hah2oZHV9pwhkJdsPH979hkwVYJ7JhnWEL8uGFwtxX8RssOzBQhV3udyehgttFv5Lmx7dop-vNyBgZhq9DnGkAcpau-aETnPkdzm1GkbOABFlCH0EIVsmaxGYJ0Ibn3e1LPSLyXWbHB_G-kTeITPU_4dANEGytDCyqbODQ4-smyNhNsoa9MqNPwTmf-dDIrOy61drAik0i7W0Tsn3NGsKeO0RJyHN9ezPfnaAuycIJBg950VLLANIjvGQt3JyMZvj6t8cgttSSB0YR6_I6rcAUiEy_9tH5ekXWam1oo2nyF3fuw2owGvr16-qmmto_f9yZs_EIKfuyFBHsuhZphrgvaQ5BAKVA5BLgz0qWgEy7dbOoNpucZax6FG6YlnzqzTWnclwD-P3Pq-Q8mD9ps2x22R2xlYkRYJv79lJHMSGd08d1gqe7imm338qt9_Qk1OSfAV2PWkF31ihrkTbhyQra5jJeH0kRsiMiIUnupLSWQqkKXM6MSLN0vic-BTNB6lkhOsrE0GHmdhOUlywxB2jeI1ZiEMvWTCYdyWyKgei0GMeEoaPREEtQkqO1nvrEKnemR98z2dakuughmp56HC4r8f0AyA497jNNOfxBfoKd9o5R-HM4fZ7ERWfkV-LlEQazBmoZ5aKVZwT5Z6sz6t_iLnZkQ3pI5E_MhXQWlnlM_v9jk1aEZ_kFhly_FO95ceFW6JS5hXOlqjkS3GiHRreaXpaME9ofKOFZelqkkrz91chsomvPUO0sJeUtPoIg0YMg5Hdk5fC92ueKVRdx0l1jdxnI9k-cD_lCdPLQmuYsMJCJYL2CYjd1TQ3gTD5RSgsbcbz2hN5v9E43rbt4ytCmtxy588skYfhu7gSL7gXxSTRKTprpjTWv__cgvZVG_xvecKdjRpbXCgIf1J61acsHD66kl5xE7XaY_-NCEhchBf7HEdt6qEu85K4Rh55bhk6-xhcUqay91Z99FwNYmII_ql64u-KwqS5bKd658&cid=CAQSOwDUE5ymrkM24M2Igo9G-8h1xc7Cb_j5k2Gfs5bjOIe46SdPAA4S9hSkpRZGBHfv89eIBdhbDjww7kzZGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=4086399203993409000&adk=3037181500&idt=131&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e01ce8d3764a854636e5030b2a5ef1771a35510012f9bf2421163b3bd625396d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16850
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 05E7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=145;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30271
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 05E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbkwlowXBtMo16nAoK-DTzhmaC8w-fsrhGZOmM7hE6CqqhqNER76LnqBZ2N2jl2DYDQ48EeKfPUD7iLiqZPAjn09r9_zJ2uhNUMRtVbgvd3H5GwXsSLyVTdN0RSphBFMTrqx71Jyg0ZTkwy4aJrciBGMA3dLp-N9jyi6E&sai=AMfl-YRP-U3d4tEKbwrYM6PmHBDzJjq97c-2oOgEImEECFX7UOvtLIjyjVlwmL1SnceJOFmv7uhoMTIzgy9V3WBV75yVgJvTMIN-QxXxtA&sig=Cg0ArKJSzABjvi4_S6g8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230206.13722&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=145;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 05E7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=145;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
2418735279377567735
s0.2mdn.net/simgad/ Frame 05E7 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/2418735279377567735
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 04:45:52 GMT
x-content-type-options
nosniff
age
462780
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48252
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:28:04 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 04:45:52 GMT
container.html
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E56 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:49 GMT
expires
Thu, 08 Feb 2024 13:18:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 05E7 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
197b272d98bc82d24c587e2aa75707864798c8c1115059baf6512f1753873427

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
/
c.mgid.com/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675862332344615409015&uniqId=09567&lct=1674691200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.flaresenha.com%2F&lu=https%3A%2F%2Fwww.flaresenha.com%2F&sessionId=63e3a13c-10b8e&pageView=1&pvid=186312dd3b8898d0354&site=836414&implVersion=11&dpr=1&tfre=3464
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7964a75949e130ca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 05E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssbkwlowXBtMo16nAoK-DTzhmaC8w-fsrhGZOmM7hE6CqqhqNER76LnqBZ2N2jl2DYDQ48EeKfPUD7iLiqZPAjn09r9_zJ2uhNUMRtVbgvd3H5GwXsSLyVTdN0RSphBFMTrqx71Jyg0ZTkwy4aJrciBGMA3dLp-N9jyi6E&sai=AMfl-YRP-U3d4tEKbwrYM6PmHBDzJjq97c-2oOgEImEECFX7UOvtLIjyjVlwmL1SnceJOFmv7uhoMTIzgy9V3WBV75yVgJvTMIN-QxXxtA&sig=Cg0ArKJSzABjvi4_S6g8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=181&vt=11&dtpt=180&dett=2&cstd=0&cisv=r20230206.13722&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=94.277;sz=300x250;u_sd=1;dc_adk=4167744936;ord=iyppoe;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=145;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 8DAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8DAA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.OhOpYZgdQZ0MvM4CvzGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:52 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECmy9BmDvRCqJwZep9gUNlE&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 8DAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIrEw9LstIZfBjPdKG67I4M&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIrEw9LstIZfBjPdKG67I4M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:52 GMT
AN-X-Request-Uuid
4d17d8d7-c057-4af1-ba12-a30d9e2648c5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIrEw9LstIZfBjPdKG67I4M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8DAA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COXQcRCu_4SOAhiTkrzHATAB&v=APEucNXuQ7h1yeL0UzLoOD3ypaNhxhUUaKcdAl5fo-s0YyfVJLhjZEXLxrZYMRTxzGsrcbTrK_ETsqBpoOtqo2N2cppx5_fWuwg_oAx2nDdHyaZtYFYcTQoYhwZZn0xAS-ZHHZsf1-9F0HIF8-IrQbd-PHp-u2slhYhaMVXKYN1zOg4GtN_jX44
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 13:18:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.165; 185.213.155.165; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3096a475-fb92-418b-8747-da23670e0250
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjIxMDIwNzIxNzkzMDc1ODQyMg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
396f4000-d15a-4c82-ab9e-9e831147a698
https://www.flaresenha.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.flaresenha.com/396f4000-d15a-4c82-ab9e-9e831147a698
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
pixel
googleads.g.doubleclick.net/xbbe/ Frame B948 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D68B 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame D68B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame D68B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
l
www.google.com/ads/measurement/ Frame D68B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW06WlhE1qrR5ckkGrsGBNx0eBj0s0wXW8OHNb9vXlqVBsBg_f--7-sdekKaVkJwX1jQ2ilp7Hu-GGZuo5k_IdLTk5wQ
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D68B 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D68B 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DstgmK1R6Umlbpn-kS3bakwg8n5w1gS5biUXwh8nUqqzPyPn9dn1IyU3y6ij0WyIDwVBCb11QVOun-1riANvA__Elgyb408TxHUGe4nJww_ZUcdos
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D68B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7817417894427381973&x=1&ct=76
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CD99 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:52 GMT
close-button.png
www.flaresenha.com/wp-content/plugins/ad-inserter-pro/css/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.flaresenha.com/wp-content/plugins/ad-inserter-pro/css/images/close-button.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
190.89.239.168 , Brazil, ASN29802 (HVC-AS, US),
Reverse DNS
us310.serverdo.in
Software
nginx/1.20.2 /
Resource Hash
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
last-modified
Wed, 01 Feb 2023 17:05:58 GMT
server
nginx/1.20.2
etag
"63da9bf6-59a"
vary
Accept
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
1434
expires
Wed, 15 Feb 2023 13:18:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7D9 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7819013333048&version=m202301230201&ct=76&x=1&cor=3089678854757187000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad.css
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ Frame D1E9 		1 KB
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ad.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 07:55:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
465
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 07:55:39 GMT
img1.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 20:23:43 GMT
x-content-type-options
nosniff
age
320109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36078
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Feb 2024 20:23:43 GMT
img2.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:26:51 GMT
x-content-type-options
nosniff
age
107521
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45194
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Feb 2024 07:26:51 GMT
img3.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 05:12:19 GMT
x-content-type-options
nosniff
age
461193
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36124
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 03 Feb 2024 05:12:19 GMT
img4.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 07:55:17 GMT
x-content-type-options
nosniff
age
19415
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 07:55:17 GMT
txt1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 12:43:49 GMT
x-content-type-options
nosniff
age
347703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6882
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Feb 2024 12:43:49 GMT
txt1b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:10:33 GMT
x-content-type-options
nosniff
age
202099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5429
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 05:10:33 GMT
txt2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 16:43:04 GMT
x-content-type-options
nosniff
age
506148
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7176
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 02 Feb 2024 16:43:04 GMT
txt2b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 05:10:33 GMT
x-content-type-options
nosniff
age
202099
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3772
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 05:10:33 GMT
txt3.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 05:48:44 GMT
x-content-type-options
nosniff
age
372608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9401
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 04 Feb 2024 05:48:44 GMT
txt3b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:08:23 GMT
x-content-type-options
nosniff
age
40229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 02:08:23 GMT
txt4.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 10:37:43 GMT
x-content-type-options
nosniff
age
9669
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7513
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Feb 2024 10:37:43 GMT
txt4b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 20:12:45 GMT
x-content-type-options
nosniff
age
147967
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7018
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 20:12:45 GMT
cta_img1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:55:32 GMT
x-content-type-options
nosniff
age
105800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3710
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Feb 2024 07:55:32 GMT
cta_img2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 14:08:39 GMT
x-content-type-options
nosniff
age
601813
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3821
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Feb 2024 14:08:39 GMT
logo.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame D1E9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 07:55:32 GMT
x-content-type-options
nosniff
age
105800
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4246
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Feb 2024 07:55:32 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D1E9 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:18:53 GMT
ad.js
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ Frame D1E9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 21:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2735
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 21:57:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D693 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzl20OqHjY92_O5Gw3wPz5aPwCwAAAAA4AeAEAg&bg=!sLOls-fNAAaq5O5FiuQ7ADkAdvg8WrFMpt6P9_XwqgxNUkFcqiv5XCmZJEKNgORL-d6rOIO1qKvckLxuU6ksSwgAvS1YaC4nvUoCAAACZFIAAAAEaAEHmQL4BaefCYTztL-gBMATX7YIoAV73jMbSxCgrOdlgbf_EkQFDgnV5D8WqpdGXLrNKrgeBBfN97SJNDr1vglihGY4MPz2WBDfbG8Ok5DCjY3uCAWdMQSGkYxrKDlWH5JEzvP4F12HN-XYne_rtLEEwPCmT3o4J6Y7LzPIRYwcnTH1qfg7DZESyjx63I_-DQydJgZCDe3MkekE7a5FPtevYY-maDdpJkPg0VpSAgqQAT6rfPr6ePeZ_FkK8JBXdBsvWE1wRkEkOV5LkxRlFCuGQTzcIuHU5DZqhbTrJrXYlELkMdf3Db7D5IZk5XK5HARZXH2s7Dtr8eUfYhQl5Zlf7Vg0-lFQQocE8QOEw0LxdRs6ijtZiu2pHC-oyHrXXMm7LisqMXM-01JQMJIUZnDYG5h-5sVy855S4U0-1Hhg5FgacBbjEr2FgEOpLEWTvUw9Glrz9tar7aTPH5zzkJ589Srn8cCqvnm6hCCZbjaqapz4MMUDP34oQQELtcJkKnotPICYBmpe68ZbpXjduaO2P-tJwppF6ukYQKr96ibpQ_9ZuvflihmjsGM0Xeq1uW6qj-zT2zoA6yu-0jbfL4jsHK0wcNvoi5O8EJse_qkX6UsVG3tEfngPXPdlRC0twiutkHWsAhT0odg1glcJn8uR3LlVCMc-p3MIQyCJCZ6-PtWSdJWO5aLlScgIY4oWR-UUeAink7nhpuWbEtIOszFKYa44jShy3WO20Q7-vQxFC_27HmNLacjXH6plIOTss5S80iz8g-3gCEg1L7G-5zL1_GYt5MiIB0lh_FeFpHtQqhgrjklTGYL5lVkl0J_ScxWJtnLYyIO9f1WmbZbc8n3cjsFf-PHy9vn1GkfujNF6_-kp2Q8sQ883dPto2A-AIy6669HFw6NpzbyJhUr8Os4y6_zQ7l2rnEXKAjUFIAu5HrP8yT0N4GB_yFHqounpNMAvYSV7K1E8gva3abLXnlyT0xamHzWWSwPy0b66NEAhwDqugqhbfqk7AZCksA
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F7D9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO0grwPxCuddBaedNIvvpYnRIuNRM-lYvEsCjajmTwFPdNhx-29JwlK_8zaAu0xw_U9JRY6imNhOGzai9N_HFXzMABMEOKu7EzbKAIhWzfr0LWhvC1BjEmthq4jaqZ6OGRIMuWNg&sai=AMfl-YQ6hQBc9txxy2z6OiU9fqt9NU0-gMsP3vXONGtO6-lzLqJEy2f2ZnWUxt0GAUFpYpuNKMh3p_3dOzJfpgBgx7qhIaiy_tgSJkg8658vZtEl6RdVpU53kp5ERdoYfedPW4yI1evHaQJU3Ffv&sig=Cg0ArKJSzK2dSOTnlWCYEAE&cid=CAQSSwDUE5ymyTd1sORP7nlVQvU9UUCllf5pxDVXIMOUWNjzoZcN-oruucchQQSZAtNfXheaohvv0CUu3dQ-qLG1bsYdb_56Lok2bDNXGRgB&id=lidar2&mcvt=1130&p=394,500,484,1470&mtos=1130,1130,1130,1130,1130&tos=1130,0,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3155775495&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675862330220&rpt=1190&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F32 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 6E56 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:18:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E56 		42 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPAsrBd1-JThHi5YyYCJZrMmHtWtqBKUZu2Y1npNOSDML0H5SbrZuDGfhJ5bwG2XilVL91-pzMjhv8v1wH3jMO9e6LIzfuJ4bID9KZnrt5rELTMIs
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E56 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14238044892996319737&x=1&ct=76
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 6E56 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://www.flaresenha.com/
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.83.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-83-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
236c40b7e8e05fff08405da0ce581d73fdf323b9a626c9488b6ad65db5da228a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 6E56 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
30269
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 6E56 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
30270
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:22 GMT
l
www.google.com/ads/measurement/ Frame 6E56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaStOkjrfdS1TpwmQKlpov0x5_nU-N9v103UbFwCU64Hput-8VkcQuub2u6kMNJipYxiFM06UbuHDaQD_uGy-JmROy2tVA
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E56 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:52 GMT
sd
us-u.openx.net/w/1.0/ Frame B948
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame B948 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame B948
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Protocol
H2
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:53 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B948 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYiLnOxQEwAQ&v=APEucNWrRY6r6xBbCmTv1PtlimlMj6D4gpp90KYemtG72vcwQGPqHnjCHH_CE37DdDUk_K8qnjou3eZL1XXdXqJ8xoe7ryrctmGM6xuXmv6ZCcgVgfaH-Y26s9RoJujSpkRNmN77_NQsr-EdXWsDQEzpJqfst7cfJNCwW1Ff8Q-US30pPl8bxjk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:52 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
csi
csi.gstatic.com/ Frame 2064 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ldvp5uwq&c=624899800626&slotId=312449900313&qqid=CKP4mteBhv0CFYnQdwodhaoMFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=878&mt=video%2Fmp4&vs=360x640&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230206_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 1C0E 		115 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:52 GMT
expires
Thu, 08 Feb 2024 13:18:52 GMT
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 85F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiwyXjcZTWqeYoOdKSiTXL7XqVSov4EuvCZMeEgmRqsrlvl1WJ1reR_FAXVcSN-FBM1f6w6qn8yWu1yuGFy2As29TfgDSB-l4HyKJcIgETFU7Ti5MGSnl9YcBTC_2JeUiZu1jdRPCkuZNndDho-QmMk1hr8B64EZJEbGZOFdysRCxB0AWHLJmm_OQ-InSZgxWd_nyh7DSSAEfCIE6VTDHT49yHUzJrA_GfBkbYnU1G4KyaXnJ3hqfBLWOLWeuQq7MvSScL1CDX7kOHREPZSqi2-Uxt8Jvzynm-SnYzqZeZIJfNO_LpBA6zgLj-mkyHCKYhmQbDyemIk20xPJWfwQZplHYyIB1zPSdNn_u3DaLs43BM4fnP9MGGzN7POlt8achG4cqy964A0ddtqnaJIEwm3esAFzGYCOP-ySq3HChu33smvQc53Ptmdg7yjEWF_jHe1w3QFpbuJWuS7zgS2UK_fzx_XCyg3S5p3y5Z1wfmHu42Xk8-9KFa5O3fo6Que8E2pFHfOGy4OK7zzq7QC1bQDXFulF5wZzqbZc2XFGiQt0ZfHK0-DypSwHwywe1Sp_yw5QoVnchLvavME3uYiHdo1t5an-BF00tlbbGHRXyPZRNSFX7lIoWax4dfgF1dNT77iHnfm9cmzDFisGBuDLWBwWsEzAcWEH2ZSWi1hO66h1OTa5Kao-UoOU_jfKvA8SpMWXWENKqpy7EEONquSx3XSsBpB3JvINzia2idjsf-0JR1AOZ4X10H-fOtmFzW2-iEYoo7i5FsIlUGDyk1_lIQIjrLUuo1P5QpT4lkhNVWIwDEgxc4CLppGUxxJ2-YpKEKX-CDMFNbRxvN75ncAmZibwKyrnSwSPHVVcPgisgPBl0fFq33lYARtxcvldUh2I8IlWRRE31baKZu7HOx1vIdlzkWSPtyy6nlybhgzIPPtWlbmUzBiaPL87zR42Wdy6qmPu78zi01BkQ4TAxJvb-QCsVLSZP1_n1vpCyAxpd-ehzJmBsQUDGNTBXh9yE31wv-f6OphTXUsttZyEdyd4yWmRWTN6kHsvo-mgJOnsW-zayGR1D2Vp38Urh8Phui46co4ze7AAYlhFP6QYjZo5Uu_KCP02Oc9Ij_8mQRCQm0VRdcXM115KtR8iE-R9ERsdYaFjmbnVUD_B7SlaPF9USylqm9pT9jElZ76D4uEzCUmfuAjV4hEPjXlzorJ0hU0yY2x4MVAvt-cX02P7l4bLORxALr05BTfD4Vxg2QrOt8wdP8Dc_0mVqLS6qYu2evt4bD_FFbeCJaZtVMhh6uc65GQFQJ9_SPEuJy9S1Z9eloxirHyEneJo8GH44E&sai=AMfl-YRF_7jPymKgxI8p7SVGnwOxsnrpf2zh2ADHRbbx9mnVCc8fBo0VE2eZvCgjexqZCxUdL1Rp5hLvCV5RolktxjbPr6CJDJqDRMYFRMgUejnhWuzk23tUK8-YY8Aehhft-pyEf-l1JEcQ4u1rsLzbJYs1bkXTmAf8QiUs-v5vpWL-K_sRoS781-35F6YiIw8PxXeT827uFGiWGIucJbqTUEDFxjVPY1v_o2C9OGPkIXH4aGd5L6JIlPpe-KcgBa4ZudCu&sig=Cg0ArKJSzMhOWyZMsB_BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=638&cbvp=1&cstd=633&cisv=r20230206.96852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:52 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E437 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D68B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6093561375910&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D68B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6093561375910&version=m202301230201&ct=76&x=1&cor=7817417894427382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D68B 		93 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLlXpmGvcF87CQMeuNKfek-AY65-UwSrWOnzijRBSIf7xsoYvtcgreQonPQJViNXKpQ9p7cX5bxin25NDy7jTYdGZ7vkoIC1KHwYi7WQMGHAOEUQ92GjeSU5dt0kvBGPAGZJhcRLfbq3mi7qOf5MW1TUnk1jif4bp8gT6y9JESzTbBvLo&dbm_d=AKAmf-DwFA8k4b488k0sgkT2gyET8UUbe3C9i7xxuir0PFrx58trFW3iep7CYWFm_AAjkSpjrF8qY2ZRrZG83g086dkd0tA9zkvtXZyalaPNcVLFACQIBCSDuRZgwuK_eKeKVAUeDq1t1dtrJ6ctOtGwGdDjz5ShrNdvfbcu9g4WO0vqXcWKhCmMarCwaQdADJBVk3eEc_8P2aVjaMqjOWt7w2C-MqURnVaDVexxr6vMAia6YpQC9JwoLlabNHmm1s5WCWegSECPbTibYZqNDIE7TFcvQoO-74CrUNFW-UJpksdjgwkDGDu7wLkhslw1bEdAq3fIQpVD1hf30yJrXinvW8hojYGxs43mZ72Kx0u4DoX-t7Zk8GTq_uQL_01nTIeHcjCSXEL6hC2Qi3y3K6Qm-pmAW-Bx6XrUU5bBal1KelJ4PWB_a_fYvqhBqV4LqLfocriVbJIZf7n23WkyCOKRVMwmROiom1rglOQT1Ja86NfZ_j6d95voFRHuy1ap37-I316GPWpTDnvqg8tXNnUUeyyF-Fh0ne5dx1xNRRBzteVHfstQ3H8DDMSdxcU0HGaDqWEeeRC09ZaBP2-2jyzf2uEVZHMfc5KnfukQCjUD-dOi8yoXmwb8fUvAQC00oIgnWRYV9gf3pe-HUhXItTBAElTC5DPdXvGJmdLOpWnxbqzh627PSbtmqKPjQ6uDyowpeXgjyLbJ2RnsGoWpMv9U2YsTBSbRrSq3uOakvGIw-IgLK5FmjVMbkfbMHUMhOMM-H4H0aYmZOh-Tpg2qlEg9kQvdCjVJ0CYZfko3lQtZCdLjYw9dD5SZUSqfQBUW8qN5_oxq2teptw3fe2sGfZLPmEWMH3TZxmL945uPOcWnYu9TNQOpIUYuR9HoRLzXHky93ds6HmTvN-Zez8Ii5Khq00qLNnjzOEkTf9m20uihQ3v63E14CCUOOjDBVPEmzP7sYiNQ6WhZ5DM7aldZLhYYrzhBBey3wmGkjeVoyEKIKi78GADhquV7vI7wWTX2FMaNRc92luBde7WSZFHIjBfC6iWGUXYo0TvPxVbZC9Yg_ZK74mlH4uWT5X8dAboh0VLoKT1wrRy0i-0N6okFBOtDbP4_84ibFPcYQXtVRdFZ3PIPn98X3kTuvtPw_ayAfIHYkLwociNUIRx4eNTVd2P7U4yqK63SySgc04FqpgevUhGUUQnCJfbJowONE-v_gQL1D6y1T3zo2IB7VkP5WiCztSKnmyi65Z9u1pK3PqYwfKh5UEyZs--byPoWYb-4iE9KEVc5E23g8vecb0gj0Fmevh385obzvNj6ZM09s_37PxmGiMdVd48GPJ2V2qwXZZO9vJ_yhRQ5Zo0AuavkRE1727FKdhAM34829HrTzBkmX6trrUOc6WPWZzgXwgoFZn3c5hVUY8fxFyTG9J_tKhMpnxR9HM27YJQTvKY18zZ6EUhtAKjK8Jbyue_VbPFJireiUBJPDT5lK2ZYRZHWSTRxx3ftZTwjTi0cCTwTrv0SSe2hkoZbUIgXBw3WmoVHWujAbZeEznUdKONToRscCgxwfQRbxMhveTyCahY4Ot4TFWqSbcpGjaFAt9yylCWgD831DUPYA2aVBE0WwzrWFhwtvukV6tdPOx_F87O-0hs3tIUgVVtWzK9c0YtpECgd1q1JHcKZ5fkMyeFV3tjubweIXoh1_BaQXyjETHQFNW9aYOnxSnDUx0Y1nFP-uh7V2PWlmiMZmKdGS2LUzrlQZLHSWVL6FIjNI8AhsGbDxRCDjb1YpqwbWecsDspvF7ykXLuOmcrcNtLAKJf9BcSRfTRM1RdtXWuC6t5WwrS3OUk3WTJkPTfQCAmIKMPYVwY4mcdLHxsGaXDbYbPfe28C4UygniC-MyfwBVmNkiKBwW6MUG3xPpOmBB6I_aNbVjDenhhVNX21Hct81e7Ci51zn-ufvkdSyq70PYZt4XB8iZxvDZCsUxVjwHxFhfXlz_L7Uay3JBCom3edBlIRdgLDflgsLpUhXJYClwxY28WGsTkKnw9SmfYf2I10Hxe7LswDomMXyIpgrZvNlFvIYbt5NqOps-1AH6U5k2ndCTccp0EmrKAhbzujKiSHvuV3h6a6tMVCkyzol1JdiJG7g7a83NerRPT2PElYIoFIVqiQTEaEumvzeVTxzDBfE7IvJRn5hLdaCQFdNeNVWMemV-Z-vz6vN0ZvO6dcEqia1znFFXNnCjW2B9DbAaPS3R2qqxOJi5ojvduRY3h65-CBIil2UJFkNTSyx2W2a5C1KJPjlWwgh6rlbRPuZIx7mHMZNFlpDayejePd7DsKgGfqFiqmtR4ItqrG8QZOwmtC7Ti6jzCi5o5Cp3skfQa_DqIc86LR8UiuzeA_Tz3soOYRSk-TdQHv0fOtPdcBfawuXzTo4a4iYM3tO800sC0j1vby--0wZsUY1y4TuJHTItjwiU6-7pnGL7gi3zEc5upEobNJ8M1UpIEj9igxEjZHYHFAUIJk_k1sjkjD8RLsq-RBbHOe75yjI_8i9NOpk8GWFCrR8U_LQBLbmcpQTS9XN_HomkUINdVcixIIxh9hXhJbP6gy3-ZSYXTqHNb6rcaGcPpz8CLW0YSrdNh5rpZi7cIQexItI0hf03zwBFb-3NsGaVdiwNaZybhID9Pw2Hu0-uwi5mFgdeJ5oTjibZJgIIwGc_lzjbRl5Rtx07a644oo8e9DuTlxKA0mVmETUiW22QiM8lk52WgnN4Wn1Zcgb2uxCDXBG-V68pct_iE0QCZ_9nUQNMr5tYt-L407S5B4w7jfT3JVvSM31Ahto1edHGYZcRpKVo_A5qD05KXsOmRnXsvq2zV8vaM1ZNqYPbvnDlL5oq0ni0LLWGvKjHMVdzpG0fbjU-hn_TLgBhOefAVSKj_-VhSgclbIo5zrC2oHB2KZ3uOwaiqX_ymoF0w1zk2nGnmvMlZI5-fnXuTnATT4msQoqQGv8mizaHsBBGFu9Wd7Tiq8SYIasQ8i6Hmke6PuGy1H33cFa8NMCZbq0pAweV4o06O1v4kXGP3WX8qEi0m0gFNxQ3oHKObOqZq-S8ZXX-h0DsaN1CTl16n3gnT8jicrsovcQqerMC1u8oSU7cGBqDomOZ_2Bm6EQIeAVZtd2f0vNQzfW_EgxI_DcltoC2w91EBJr41w9_r9_yFb8A5WHrKG87lAKhgQtzv9cPsnFgq527-ZawIRf6MN4sig1tZiHXBiVTgA3lD1_21tmJxvXqM427U23PchqPGqVjl7cfHgVm9UywPW2q3IeN8PCs_WkyySJQgc2Efyyv9zmS155P7S9WoyJ_wOPkrKlmRcz1K3L2UypWUHD0LssTOPFZTltMmBTHOUu-YB5RdgfIPuQOFw5aTaXsUrSpA&cid=CAQSOwDUE5ympawoGog4QTfe_2Ey_x5wB7FvY7jGkDe9Fyvv7DOOPJo4O-fMqcy86smwC33OOzZHSdvEFqC8GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=7817417894427382000&adk=2215386029&idt=130&cac=0&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd983426cfb24fd1009050a85112e648b965ccccb6c10494830696542eaa20c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37680
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame C6FF 		694 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64817
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227466
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 19:18:35 GMT
expires
Wed, 07 Feb 2024 19:18:35 GMT
last-modified
Fri, 03 Feb 2023 16:36:07 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:18:52 GMT
volume_off.png
www.gstatic.com/dfp/native/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/dfp/native/volume_off.png
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:03:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
162938
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2684
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 06 Feb 2024 16:03:15 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.flaresenha.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 85F9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 922B 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Thu, 09 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 85F9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ab1dd78545bd9a8afc92d5477ee72b022818f1d5c964f64a0213b15811b11b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 372B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 7F32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMygWw0SFFMZFigPOuQnb2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7F32 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7F32
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Protocol
H2
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:53 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEEYxLVCaIzW_ZecZf9fr1tI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7F32 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUdI49i_yRWme7fgNKBp7poU3a9AHOVrCtPb0YdaTJLvy2uVbmlpkGbvx7glk8gKNWf9Cm3QLCqV7Dd5Wn6F9iRwaZ8758N69PB3RUhLn7TZ17ZMe5iYOyvBg7ztq_7j-OvoPuQyqn3Ppfp0fifdKysNAlFDUgRlrlWTuQbaQym-ZoPyP4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-209-30.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

expires
Wed, 08 Feb 2023 13:18:53 GMT
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 1C0E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 09:35:36 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 4FD7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 99D8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8rVPO6HjY7ydC5SA9u8P5_mH-AIAAAAAOAHgBAI&bg=!Li2lLXnNAAaq5O5FiuQ7ADkAdvg8WtVNHh3g26W04Prn3rcN4hEMquD0XIWybiugEZ6NKMuYQENYe554X-B4rYYfpjszQ4-vnvICAAACsVIAAAAEaAEHmQNBCl7OO91lqGXpOjyra8R8yFvDP4E0K_b5BLTXCNbC6YbMwLlX_6mVosJrnjw0VEcVsG-xEgP-GDnCoZytpT49o4L8oyKCSZcpodn5SIjb_xQ1x40cTKZYexkj2opguhY2uZmI-VfWsbs53nFN4ntKdyrYYnQXHXqQe-wE1shCKotaZ3URwcmd77iH95c_c96DJTzez8-oqaBheIV1jVTnILBEX1EXoS35eXe0AyH8rp8vNiZPubIMzekwvod9PSUJZOGNycdj5CaRnUAaxVaMoqIxdO3VPYK-FAudMBxNImXZ3lugbF2hw-g6aFK_iahzGmKaBmyYjw95Q2u672Y7mv4j7z_nr6Nl-8EaXLjgIf5iiyYO5TLDRvvuFKUxrGGuiKCOHhIZK3GuIQ9d_zl5Ut_YDcsXtn9fZrzRsRX_arJWoG_UQmGhpuCRnkCgMsMrKkkoKEetvQXVTEAI7XS6dwfvFRY-97DXBnGHz1qwSgA_jxFmpR2BbVAkEMc66w-YIF_3iOcOBYwGp1abG_R_3EYOtxSGfF8rbzL-YLMju8KJyJb-m2AEx8FaNeyycBKS7OLjBzIBQZbyZ4X0o76NOrYvBY2nDnEzlr8BWuB5WjW9Eg-x8tPYh-FIRGLnPPI8AdpYkwHGnjCXaTPvHFxM2MeogfUpLlJDSPKY5NVJIq3j-FYplfWnpjWddPG0zw8lkBqFyvZ3EAzn5B_Mn3I6PAmRrAOLsozXP2_VqXBKG-jAjJMlM89CyBEQJl7ve8cZachwp_zP7Rvw4eV7BN11EuHDDqchonHgOKIsR_HwaecNQgqqv-H8Xkwj0dgithBJGiLs9daDMheq65S8-NF9MAQk9rAS_Yn-anfdxdkjDbUlo_EgCYXsQ0bhm2uymBTTergEZZb30cb5M2FmJh1trB8GRCflHqh9PiTaITzPmaoSvQEaInmc7SV-x0HnahTvn623MOUUIK5gARrAq5HNycB705e8CDXYAn3gW82yHQ-QqANkRZh_H8NWdnicss7rDJuTAB3UNZN1Ra_kr8MuEBHqMVavKwWDE0oY2LuRILgAFgDNjjOSXC1UgFk0h3qaTKQXeTZZ4SFvmevBSU0RIMs
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 690A 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3709253884789&version=m202301230201&ct=76&x=1&cor=1857037881730052400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=118116919371&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=118116919371&version=m202301230201&ct=76&x=1&cor=14238044892996320000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 6E56 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5bS58QAGkTkY0cwukngrKU9SQiovIrz16B-5uTBejQoTEeVmX0v_yjiJdm2981qnf1-rQ9ZEITX4CsdYZFUe1VwnLkEh_TgonulChAeYsgmpN_TI&cry=1&dbm_d=AKAmf-Ct6kjsflAhaxOrzsMu7OkZeDwY8s7HrioMXWUx01JSVkcjehX0o3kJsMZo0mGm8pyEINKkclSLgE6hx-3Yg34TWPe7axbQaMTTjCfvDCOslkoCadgE7vuhO8CLGJoABk0jlJFRASpTJKm56TX4MeP6zJ_tYj4BRW8_Gu7CV4IgtpVeWGUb0DYm35qZa7fAfHvsXbt9H02V2YPCe2mnrgAqm6Tm_yiC9vxRmMSQ0mb9CfMxb8th-SYqaqBX5Os0bqcxH6dfZ0drff_2qfCorAncuy3JuC1iWXPrS0cat2WGso_9ILom1oc1Canss7jo-lcdVOiKTHBM_U1S7f-cssIzBydQf7XE1kelXw1YB1AqHSAlwmrSGI42M9RFmG1ViuInhjsKobwXj71e4nFSN4QhG0u77ZYSCpUZeCHM-1Xm3m5l6JACOjslC0R0CE6gSPmcPNFJSr09P1kv_RioYEZqJgujXoAIDLuaWYAw6nu1fnV1OkS6I6TP2zrPNToMRXu9gq5xefW7D8UXuzDbKDRzyaA3oPtDKzbaAxHFRyWKZezRrz2Eo-iQoX3xSc-rSrypolC-HUjmXUWCtaUHNHD1RILAx8sbHp352oGF8ZQlytwTfXAJiIjyYkOhJBcYdRHquocXMhCRwWv-X8sSXw8i5aHPfVnsD7b2YZ4D-6G4R6uuT-DhFFhs0qszMYe-gpzNfq9K-pnQ_4mto_TkRA8TDarR7yNHo1dnb03s2naibhHizvNgVfh0YlKs5s9UGQYg1d1qik9nIxdy8B_-yvaxTkVOLLnXj6ByNOJaH9KtFBhMdWj0B0IfJmq7ky9rDP4RaIj18L_NtuLhimp0bvbOpdlwkjaG50Eg5E6hopoTQWOmVYuN9955_wcqxc73iCZOZlUpR6dUjeSeheF0F0fbuEqNCgM7DYJ3pngeECwjfFPHaYHsTtKgtkvxTz3rI51HGo0KrSyEZWB30-dVTSqEThHqtLSizEiTTvAPL8O0R7gUPAwVFsEqHpBneWP9E81aVlxU8oMuc-ocS0-FDVjaaxmImTgDbQRuro-aIAxdboPFi8lQgC2N9p8wyym88eKQKNd4J4FWNrFVjFyfn6nr34VMXv-0G1iSVvOR85kRJoH-6ukEpvvvmHDwf0M6fVpcp4ngXdcM7jdnIl4D9jbiYsC-pMynb3uMzZS_1xcJRigTyh940qZ3rDUmltSW8jopwKHNoF49p1vZWFRP0tKIUdqkAIq00vYqwuGIrpFsRAgUP7tXvQWf9zotba0MdHQFkJZPc8fjrvdDc90hTXktFAn6dEWYzfRWOmeLMH6VzgVqe7zhYn-GK_7Bzo1AV0CIT03QIUVINQe9XDNcV3va2A3vE60lLjksY9jmww3FxEpQ1YvXVfXwsRTUt6AYOkuq1yfVCIT0dInZwp_zcyxOH9r2WlObR8rU4oIYFZ3hxuz19tBNTKj2jjWdnm268yg2wb0bHw5pP2mWhW5aOtegFrrS_a2dkTrHQSrWFFE0wEMDgrHsOA7gf5oPoLJ522Xl2dTc1mOGObuEVEzaXjR5FuTvWTJOUDmvWIn7V-fZA-G1pNOCFXMfvUDYUugnNAHiOiQ0DdToT7S5F1BUVSEY1ZyjSIy6hScSV-8z3uzAnrenK59HU02nRMwdRaOxxuaH3AIaO9BVogkQp80EAj0WhWBY_b5OXP1BQCRHro25In_Eox8o5vEWX1YM7NBMjJIdSKPrTHf3RR0-e0n8QL3sD7CMslfNEmJHEw8ESMRvhzLVkKV9o34KRxwkF2bHfPdUtfAdJVq3XHAn_yZ9tRW3fs1QDcp9KCu_ir1wVZ86HPsYXDFx3eNx5OVklJ2aJ453pntXCUeSPp8EaW-djVMZ9OMmolj9vmBKEhoBDHUpIZ3rU90HCeX1UnpihjYHw1rn7OaWtPAwePhqHn3zDvjvUk6id128VkeTQQAgX5lesRUyL41tpr77PIVSzA9dyWkgOePG1MHzGb_dwG2dNThyhl7VZgoijYsTagwUGREq8a41cpDP3uvXYK1Oads3Ajc1bAgeS72zVGSiHWE3msMpExN08cViMf-1Q6jh7yVRFB0-S7FtQQtypbqXcVNnxaGDJv5c82Lg6vbOx1lOoWNlfjnYJGMQsh3tcgQaX8BV1asGBseLImC_QGs1M6kK3q4qX1jTZqTT5a97c-8RwfSbgZeUV3H8PCwsGt8YP9Yv1IHZvecsPLJTpdR7JythuK2B9md8AmtuQJvrI-o7R9JltfccDmbA-IQOtkFgDt6hoLcZsOiRZgqT4hPkDSfFyfn-cRoHPoJrCQd9cBynF2WKTRaYurAOoxcBwIvMwp6wVOSUFO4J0vY8yrccY3KLe68Rk9pIFUHr4an_Km9UKOgLPpzMGgQhXwc1uIXv3F2FclKKulftZpjVpPxl8qoKn_tiLwGEjQEk-WkjV3KWzIdQjNO2b4Il9rU6jl_pDdZKtwIPR_hYkXzWmudhzp69BYKPz6P8Mxri50rRyYepSbfY5mOXiNvy1z4mf8ncTQ-ustsZSJ9dAI5PCH6NCnl4YnUHnjdM282eFmCgGfSWKHpRdfIeI5o3eFe1YAL4XO8rGbTGHYLxKBOl-pqBw5tPcSW0OzTWNUV4xhkAkk1z3R_5AoGifD6KXcY_MQsIpihf20lN54_RpWoaUEqXetmSYPOXxkvihYY5h8OMlnpDHio28OqmzJwnZcoxAd0B2WrBjbgpoCKhCr8KmhwlUl6bNCm11_FQdfQyQXR6lmzE0q3ohYsgPZ_Sba16r4bdA2x4asw2CnW6OxIAiN9sfrYEZFaXJ2MzWL08W55ZFLY4lhfIZaq2TGAnS18olcBNQ2FvtiyJqQ9uz2qtAtSbhDyLgBo2QPiaZBmA7ONWt9H_nn7gXDzflmalZQ9kBIv2q2crPiFztfgqavW13QvbeZmqHnRboJi2d-KeEDIbHbdE4k_fZLp4-odSUdNvm2D8ZYglX16vW-imya-OrEgj67JI9rDI_XuYePGNXWg6G0UF3TYed6DzRAZYg6v7ZoQke2aADvpSmVisMrEvYbUtmRByJJNZTr7KRz18EKHXAY_-8FOB4J9fjBwk9gxVLYVU_0yEyPuwZdQXqCMNOlmCkyKHckaEd7472SRyRCGGBkivcI7aBqW4ajyp_a89yK94mbH0eZAomGQQhAs1oV0bFnAwPbL3vBcWAqiQB4NO9D-mN5qzd9W048JBdtXn-QugFvlRvRvG1QDzT2zjfrDbTsEybOuoT11B7AYnAc0_xac2DRmOPP7ZN5uCveGk6DJNcKlZ9g5UMTmJeamUFjSF1FGlwvlXAoLE8PFZFsoyK3k8YQQwt-_EXJ6hSW58pAxOyUoXltlR00I&cid=CAQSOwDUE5ymFejyBwxmFQrC8YYmz7IJ4V__2L4o9tUr5QQxjSkb-_elKiespJxf0K7RZ9-ypQ1uzSvDWVMlGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=14238044892996320000&adk=792902355&idt=177&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e245162876aaedb18584b8dddf3d7c352ce475940d59d2b7a35d802eaa3f0b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634094/ Frame D68B 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634094/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.83.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-83-138.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9e8b85c07b4f1b2a13d20749f4fd46d19f2b6587ae75bc10338466e7b9a57bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D68B 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 04:54:21 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame D68B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLlXpmGvcF87CQMeuNKfek-AY65-UwSrWOnzijRBSIf7xsoYvtcgreQonPQJViNXKpQ9p7cX5bxin25NDy7jTYdGZ7vkoIC1KHwYi7WQMGHAOEUQ92GjeSU5dt0kvBGPAGZJhcRLfbq3mi7qOf5MW1TUnk1jif4bp8gT6y9JESzTbBvLo&dbm_d=AKAmf-DwFA8k4b488k0sgkT2gyET8UUbe3C9i7xxuir0PFrx58trFW3iep7CYWFm_AAjkSpjrF8qY2ZRrZG83g086dkd0tA9zkvtXZyalaPNcVLFACQIBCSDuRZgwuK_eKeKVAUeDq1t1dtrJ6ctOtGwGdDjz5ShrNdvfbcu9g4WO0vqXcWKhCmMarCwaQdADJBVk3eEc_8P2aVjaMqjOWt7w2C-MqURnVaDVexxr6vMAia6YpQC9JwoLlabNHmm1s5WCWegSECPbTibYZqNDIE7TFcvQoO-74CrUNFW-UJpksdjgwkDGDu7wLkhslw1bEdAq3fIQpVD1hf30yJrXinvW8hojYGxs43mZ72Kx0u4DoX-t7Zk8GTq_uQL_01nTIeHcjCSXEL6hC2Qi3y3K6Qm-pmAW-Bx6XrUU5bBal1KelJ4PWB_a_fYvqhBqV4LqLfocriVbJIZf7n23WkyCOKRVMwmROiom1rglOQT1Ja86NfZ_j6d95voFRHuy1ap37-I316GPWpTDnvqg8tXNnUUeyyF-Fh0ne5dx1xNRRBzteVHfstQ3H8DDMSdxcU0HGaDqWEeeRC09ZaBP2-2jyzf2uEVZHMfc5KnfukQCjUD-dOi8yoXmwb8fUvAQC00oIgnWRYV9gf3pe-HUhXItTBAElTC5DPdXvGJmdLOpWnxbqzh627PSbtmqKPjQ6uDyowpeXgjyLbJ2RnsGoWpMv9U2YsTBSbRrSq3uOakvGIw-IgLK5FmjVMbkfbMHUMhOMM-H4H0aYmZOh-Tpg2qlEg9kQvdCjVJ0CYZfko3lQtZCdLjYw9dD5SZUSqfQBUW8qN5_oxq2teptw3fe2sGfZLPmEWMH3TZxmL945uPOcWnYu9TNQOpIUYuR9HoRLzXHky93ds6HmTvN-Zez8Ii5Khq00qLNnjzOEkTf9m20uihQ3v63E14CCUOOjDBVPEmzP7sYiNQ6WhZ5DM7aldZLhYYrzhBBey3wmGkjeVoyEKIKi78GADhquV7vI7wWTX2FMaNRc92luBde7WSZFHIjBfC6iWGUXYo0TvPxVbZC9Yg_ZK74mlH4uWT5X8dAboh0VLoKT1wrRy0i-0N6okFBOtDbP4_84ibFPcYQXtVRdFZ3PIPn98X3kTuvtPw_ayAfIHYkLwociNUIRx4eNTVd2P7U4yqK63SySgc04FqpgevUhGUUQnCJfbJowONE-v_gQL1D6y1T3zo2IB7VkP5WiCztSKnmyi65Z9u1pK3PqYwfKh5UEyZs--byPoWYb-4iE9KEVc5E23g8vecb0gj0Fmevh385obzvNj6ZM09s_37PxmGiMdVd48GPJ2V2qwXZZO9vJ_yhRQ5Zo0AuavkRE1727FKdhAM34829HrTzBkmX6trrUOc6WPWZzgXwgoFZn3c5hVUY8fxFyTG9J_tKhMpnxR9HM27YJQTvKY18zZ6EUhtAKjK8Jbyue_VbPFJireiUBJPDT5lK2ZYRZHWSTRxx3ftZTwjTi0cCTwTrv0SSe2hkoZbUIgXBw3WmoVHWujAbZeEznUdKONToRscCgxwfQRbxMhveTyCahY4Ot4TFWqSbcpGjaFAt9yylCWgD831DUPYA2aVBE0WwzrWFhwtvukV6tdPOx_F87O-0hs3tIUgVVtWzK9c0YtpECgd1q1JHcKZ5fkMyeFV3tjubweIXoh1_BaQXyjETHQFNW9aYOnxSnDUx0Y1nFP-uh7V2PWlmiMZmKdGS2LUzrlQZLHSWVL6FIjNI8AhsGbDxRCDjb1YpqwbWecsDspvF7ykXLuOmcrcNtLAKJf9BcSRfTRM1RdtXWuC6t5WwrS3OUk3WTJkPTfQCAmIKMPYVwY4mcdLHxsGaXDbYbPfe28C4UygniC-MyfwBVmNkiKBwW6MUG3xPpOmBB6I_aNbVjDenhhVNX21Hct81e7Ci51zn-ufvkdSyq70PYZt4XB8iZxvDZCsUxVjwHxFhfXlz_L7Uay3JBCom3edBlIRdgLDflgsLpUhXJYClwxY28WGsTkKnw9SmfYf2I10Hxe7LswDomMXyIpgrZvNlFvIYbt5NqOps-1AH6U5k2ndCTccp0EmrKAhbzujKiSHvuV3h6a6tMVCkyzol1JdiJG7g7a83NerRPT2PElYIoFIVqiQTEaEumvzeVTxzDBfE7IvJRn5hLdaCQFdNeNVWMemV-Z-vz6vN0ZvO6dcEqia1znFFXNnCjW2B9DbAaPS3R2qqxOJi5ojvduRY3h65-CBIil2UJFkNTSyx2W2a5C1KJPjlWwgh6rlbRPuZIx7mHMZNFlpDayejePd7DsKgGfqFiqmtR4ItqrG8QZOwmtC7Ti6jzCi5o5Cp3skfQa_DqIc86LR8UiuzeA_Tz3soOYRSk-TdQHv0fOtPdcBfawuXzTo4a4iYM3tO800sC0j1vby--0wZsUY1y4TuJHTItjwiU6-7pnGL7gi3zEc5upEobNJ8M1UpIEj9igxEjZHYHFAUIJk_k1sjkjD8RLsq-RBbHOe75yjI_8i9NOpk8GWFCrR8U_LQBLbmcpQTS9XN_HomkUINdVcixIIxh9hXhJbP6gy3-ZSYXTqHNb6rcaGcPpz8CLW0YSrdNh5rpZi7cIQexItI0hf03zwBFb-3NsGaVdiwNaZybhID9Pw2Hu0-uwi5mFgdeJ5oTjibZJgIIwGc_lzjbRl5Rtx07a644oo8e9DuTlxKA0mVmETUiW22QiM8lk52WgnN4Wn1Zcgb2uxCDXBG-V68pct_iE0QCZ_9nUQNMr5tYt-L407S5B4w7jfT3JVvSM31Ahto1edHGYZcRpKVo_A5qD05KXsOmRnXsvq2zV8vaM1ZNqYPbvnDlL5oq0ni0LLWGvKjHMVdzpG0fbjU-hn_TLgBhOefAVSKj_-VhSgclbIo5zrC2oHB2KZ3uOwaiqX_ymoF0w1zk2nGnmvMlZI5-fnXuTnATT4msQoqQGv8mizaHsBBGFu9Wd7Tiq8SYIasQ8i6Hmke6PuGy1H33cFa8NMCZbq0pAweV4o06O1v4kXGP3WX8qEi0m0gFNxQ3oHKObOqZq-S8ZXX-h0DsaN1CTl16n3gnT8jicrsovcQqerMC1u8oSU7cGBqDomOZ_2Bm6EQIeAVZtd2f0vNQzfW_EgxI_DcltoC2w91EBJr41w9_r9_yFb8A5WHrKG87lAKhgQtzv9cPsnFgq527-ZawIRf6MN4sig1tZiHXBiVTgA3lD1_21tmJxvXqM427U23PchqPGqVjl7cfHgVm9UywPW2q3IeN8PCs_WkyySJQgc2Efyyv9zmS155P7S9WoyJ_wOPkrKlmRcz1K3L2UypWUHD0LssTOPFZTltMmBTHOUu-YB5RdgfIPuQOFw5aTaXsUrSpA&cid=CAQSOwDUE5ympawoGog4QTfe_2Ey_x5wB7FvY7jGkDe9Fyvv7DOOPJo4O-fMqcy86smwC33OOzZHSdvEFqC8GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=7817417894427382000&adk=2215386029&idt=130&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame D68B 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLlXpmGvcF87CQMeuNKfek-AY65-UwSrWOnzijRBSIf7xsoYvtcgreQonPQJViNXKpQ9p7cX5bxin25NDy7jTYdGZ7vkoIC1KHwYi7WQMGHAOEUQ92GjeSU5dt0kvBGPAGZJhcRLfbq3mi7qOf5MW1TUnk1jif4bp8gT6y9JESzTbBvLo&dbm_d=AKAmf-DwFA8k4b488k0sgkT2gyET8UUbe3C9i7xxuir0PFrx58trFW3iep7CYWFm_AAjkSpjrF8qY2ZRrZG83g086dkd0tA9zkvtXZyalaPNcVLFACQIBCSDuRZgwuK_eKeKVAUeDq1t1dtrJ6ctOtGwGdDjz5ShrNdvfbcu9g4WO0vqXcWKhCmMarCwaQdADJBVk3eEc_8P2aVjaMqjOWt7w2C-MqURnVaDVexxr6vMAia6YpQC9JwoLlabNHmm1s5WCWegSECPbTibYZqNDIE7TFcvQoO-74CrUNFW-UJpksdjgwkDGDu7wLkhslw1bEdAq3fIQpVD1hf30yJrXinvW8hojYGxs43mZ72Kx0u4DoX-t7Zk8GTq_uQL_01nTIeHcjCSXEL6hC2Qi3y3K6Qm-pmAW-Bx6XrUU5bBal1KelJ4PWB_a_fYvqhBqV4LqLfocriVbJIZf7n23WkyCOKRVMwmROiom1rglOQT1Ja86NfZ_j6d95voFRHuy1ap37-I316GPWpTDnvqg8tXNnUUeyyF-Fh0ne5dx1xNRRBzteVHfstQ3H8DDMSdxcU0HGaDqWEeeRC09ZaBP2-2jyzf2uEVZHMfc5KnfukQCjUD-dOi8yoXmwb8fUvAQC00oIgnWRYV9gf3pe-HUhXItTBAElTC5DPdXvGJmdLOpWnxbqzh627PSbtmqKPjQ6uDyowpeXgjyLbJ2RnsGoWpMv9U2YsTBSbRrSq3uOakvGIw-IgLK5FmjVMbkfbMHUMhOMM-H4H0aYmZOh-Tpg2qlEg9kQvdCjVJ0CYZfko3lQtZCdLjYw9dD5SZUSqfQBUW8qN5_oxq2teptw3fe2sGfZLPmEWMH3TZxmL945uPOcWnYu9TNQOpIUYuR9HoRLzXHky93ds6HmTvN-Zez8Ii5Khq00qLNnjzOEkTf9m20uihQ3v63E14CCUOOjDBVPEmzP7sYiNQ6WhZ5DM7aldZLhYYrzhBBey3wmGkjeVoyEKIKi78GADhquV7vI7wWTX2FMaNRc92luBde7WSZFHIjBfC6iWGUXYo0TvPxVbZC9Yg_ZK74mlH4uWT5X8dAboh0VLoKT1wrRy0i-0N6okFBOtDbP4_84ibFPcYQXtVRdFZ3PIPn98X3kTuvtPw_ayAfIHYkLwociNUIRx4eNTVd2P7U4yqK63SySgc04FqpgevUhGUUQnCJfbJowONE-v_gQL1D6y1T3zo2IB7VkP5WiCztSKnmyi65Z9u1pK3PqYwfKh5UEyZs--byPoWYb-4iE9KEVc5E23g8vecb0gj0Fmevh385obzvNj6ZM09s_37PxmGiMdVd48GPJ2V2qwXZZO9vJ_yhRQ5Zo0AuavkRE1727FKdhAM34829HrTzBkmX6trrUOc6WPWZzgXwgoFZn3c5hVUY8fxFyTG9J_tKhMpnxR9HM27YJQTvKY18zZ6EUhtAKjK8Jbyue_VbPFJireiUBJPDT5lK2ZYRZHWSTRxx3ftZTwjTi0cCTwTrv0SSe2hkoZbUIgXBw3WmoVHWujAbZeEznUdKONToRscCgxwfQRbxMhveTyCahY4Ot4TFWqSbcpGjaFAt9yylCWgD831DUPYA2aVBE0WwzrWFhwtvukV6tdPOx_F87O-0hs3tIUgVVtWzK9c0YtpECgd1q1JHcKZ5fkMyeFV3tjubweIXoh1_BaQXyjETHQFNW9aYOnxSnDUx0Y1nFP-uh7V2PWlmiMZmKdGS2LUzrlQZLHSWVL6FIjNI8AhsGbDxRCDjb1YpqwbWecsDspvF7ykXLuOmcrcNtLAKJf9BcSRfTRM1RdtXWuC6t5WwrS3OUk3WTJkPTfQCAmIKMPYVwY4mcdLHxsGaXDbYbPfe28C4UygniC-MyfwBVmNkiKBwW6MUG3xPpOmBB6I_aNbVjDenhhVNX21Hct81e7Ci51zn-ufvkdSyq70PYZt4XB8iZxvDZCsUxVjwHxFhfXlz_L7Uay3JBCom3edBlIRdgLDflgsLpUhXJYClwxY28WGsTkKnw9SmfYf2I10Hxe7LswDomMXyIpgrZvNlFvIYbt5NqOps-1AH6U5k2ndCTccp0EmrKAhbzujKiSHvuV3h6a6tMVCkyzol1JdiJG7g7a83NerRPT2PElYIoFIVqiQTEaEumvzeVTxzDBfE7IvJRn5hLdaCQFdNeNVWMemV-Z-vz6vN0ZvO6dcEqia1znFFXNnCjW2B9DbAaPS3R2qqxOJi5ojvduRY3h65-CBIil2UJFkNTSyx2W2a5C1KJPjlWwgh6rlbRPuZIx7mHMZNFlpDayejePd7DsKgGfqFiqmtR4ItqrG8QZOwmtC7Ti6jzCi5o5Cp3skfQa_DqIc86LR8UiuzeA_Tz3soOYRSk-TdQHv0fOtPdcBfawuXzTo4a4iYM3tO800sC0j1vby--0wZsUY1y4TuJHTItjwiU6-7pnGL7gi3zEc5upEobNJ8M1UpIEj9igxEjZHYHFAUIJk_k1sjkjD8RLsq-RBbHOe75yjI_8i9NOpk8GWFCrR8U_LQBLbmcpQTS9XN_HomkUINdVcixIIxh9hXhJbP6gy3-ZSYXTqHNb6rcaGcPpz8CLW0YSrdNh5rpZi7cIQexItI0hf03zwBFb-3NsGaVdiwNaZybhID9Pw2Hu0-uwi5mFgdeJ5oTjibZJgIIwGc_lzjbRl5Rtx07a644oo8e9DuTlxKA0mVmETUiW22QiM8lk52WgnN4Wn1Zcgb2uxCDXBG-V68pct_iE0QCZ_9nUQNMr5tYt-L407S5B4w7jfT3JVvSM31Ahto1edHGYZcRpKVo_A5qD05KXsOmRnXsvq2zV8vaM1ZNqYPbvnDlL5oq0ni0LLWGvKjHMVdzpG0fbjU-hn_TLgBhOefAVSKj_-VhSgclbIo5zrC2oHB2KZ3uOwaiqX_ymoF0w1zk2nGnmvMlZI5-fnXuTnATT4msQoqQGv8mizaHsBBGFu9Wd7Tiq8SYIasQ8i6Hmke6PuGy1H33cFa8NMCZbq0pAweV4o06O1v4kXGP3WX8qEi0m0gFNxQ3oHKObOqZq-S8ZXX-h0DsaN1CTl16n3gnT8jicrsovcQqerMC1u8oSU7cGBqDomOZ_2Bm6EQIeAVZtd2f0vNQzfW_EgxI_DcltoC2w91EBJr41w9_r9_yFb8A5WHrKG87lAKhgQtzv9cPsnFgq527-ZawIRf6MN4sig1tZiHXBiVTgA3lD1_21tmJxvXqM427U23PchqPGqVjl7cfHgVm9UywPW2q3IeN8PCs_WkyySJQgc2Efyyv9zmS155P7S9WoyJ_wOPkrKlmRcz1K3L2UypWUHD0LssTOPFZTltMmBTHOUu-YB5RdgfIPuQOFw5aTaXsUrSpA&cid=CAQSOwDUE5ympawoGog4QTfe_2Ey_x5wB7FvY7jGkDe9Fyvv7DOOPJo4O-fMqcy86smwC33OOzZHSdvEFqC8GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=7817417894427382000&adk=2215386029&idt=130&cac=0&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame E437 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 883C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
mgid_ua.svg
cdn.mgid.com/images/mgid/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
5HW7HCDCYE0NXDBD
age
2220
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
G94v7pzjyjLnSAZZVXI0e58Eui5rHZR9441Vhr3UnW4mLFb/hI7xqd1r2K+ySizuFdjETUkIV4U=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7964a75faa9630ca-FRA
expires
Thu, 09 Feb 2023 13:18:53 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YX26RVNEGW9X6AWK
age
6918
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7964a75faa9730ca-FRA
expires
Thu, 09 Feb 2023 13:18:53 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6E56 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Origin
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 17:08:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 17:08:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 6E56 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5bS58QAGkTkY0cwukngrKU9SQiovIrz16B-5uTBejQoTEeVmX0v_yjiJdm2981qnf1-rQ9ZEITX4CsdYZFUe1VwnLkEh_TgonulChAeYsgmpN_TI&cry=1&dbm_d=AKAmf-Ct6kjsflAhaxOrzsMu7OkZeDwY8s7HrioMXWUx01JSVkcjehX0o3kJsMZo0mGm8pyEINKkclSLgE6hx-3Yg34TWPe7axbQaMTTjCfvDCOslkoCadgE7vuhO8CLGJoABk0jlJFRASpTJKm56TX4MeP6zJ_tYj4BRW8_Gu7CV4IgtpVeWGUb0DYm35qZa7fAfHvsXbt9H02V2YPCe2mnrgAqm6Tm_yiC9vxRmMSQ0mb9CfMxb8th-SYqaqBX5Os0bqcxH6dfZ0drff_2qfCorAncuy3JuC1iWXPrS0cat2WGso_9ILom1oc1Canss7jo-lcdVOiKTHBM_U1S7f-cssIzBydQf7XE1kelXw1YB1AqHSAlwmrSGI42M9RFmG1ViuInhjsKobwXj71e4nFSN4QhG0u77ZYSCpUZeCHM-1Xm3m5l6JACOjslC0R0CE6gSPmcPNFJSr09P1kv_RioYEZqJgujXoAIDLuaWYAw6nu1fnV1OkS6I6TP2zrPNToMRXu9gq5xefW7D8UXuzDbKDRzyaA3oPtDKzbaAxHFRyWKZezRrz2Eo-iQoX3xSc-rSrypolC-HUjmXUWCtaUHNHD1RILAx8sbHp352oGF8ZQlytwTfXAJiIjyYkOhJBcYdRHquocXMhCRwWv-X8sSXw8i5aHPfVnsD7b2YZ4D-6G4R6uuT-DhFFhs0qszMYe-gpzNfq9K-pnQ_4mto_TkRA8TDarR7yNHo1dnb03s2naibhHizvNgVfh0YlKs5s9UGQYg1d1qik9nIxdy8B_-yvaxTkVOLLnXj6ByNOJaH9KtFBhMdWj0B0IfJmq7ky9rDP4RaIj18L_NtuLhimp0bvbOpdlwkjaG50Eg5E6hopoTQWOmVYuN9955_wcqxc73iCZOZlUpR6dUjeSeheF0F0fbuEqNCgM7DYJ3pngeECwjfFPHaYHsTtKgtkvxTz3rI51HGo0KrSyEZWB30-dVTSqEThHqtLSizEiTTvAPL8O0R7gUPAwVFsEqHpBneWP9E81aVlxU8oMuc-ocS0-FDVjaaxmImTgDbQRuro-aIAxdboPFi8lQgC2N9p8wyym88eKQKNd4J4FWNrFVjFyfn6nr34VMXv-0G1iSVvOR85kRJoH-6ukEpvvvmHDwf0M6fVpcp4ngXdcM7jdnIl4D9jbiYsC-pMynb3uMzZS_1xcJRigTyh940qZ3rDUmltSW8jopwKHNoF49p1vZWFRP0tKIUdqkAIq00vYqwuGIrpFsRAgUP7tXvQWf9zotba0MdHQFkJZPc8fjrvdDc90hTXktFAn6dEWYzfRWOmeLMH6VzgVqe7zhYn-GK_7Bzo1AV0CIT03QIUVINQe9XDNcV3va2A3vE60lLjksY9jmww3FxEpQ1YvXVfXwsRTUt6AYOkuq1yfVCIT0dInZwp_zcyxOH9r2WlObR8rU4oIYFZ3hxuz19tBNTKj2jjWdnm268yg2wb0bHw5pP2mWhW5aOtegFrrS_a2dkTrHQSrWFFE0wEMDgrHsOA7gf5oPoLJ522Xl2dTc1mOGObuEVEzaXjR5FuTvWTJOUDmvWIn7V-fZA-G1pNOCFXMfvUDYUugnNAHiOiQ0DdToT7S5F1BUVSEY1ZyjSIy6hScSV-8z3uzAnrenK59HU02nRMwdRaOxxuaH3AIaO9BVogkQp80EAj0WhWBY_b5OXP1BQCRHro25In_Eox8o5vEWX1YM7NBMjJIdSKPrTHf3RR0-e0n8QL3sD7CMslfNEmJHEw8ESMRvhzLVkKV9o34KRxwkF2bHfPdUtfAdJVq3XHAn_yZ9tRW3fs1QDcp9KCu_ir1wVZ86HPsYXDFx3eNx5OVklJ2aJ453pntXCUeSPp8EaW-djVMZ9OMmolj9vmBKEhoBDHUpIZ3rU90HCeX1UnpihjYHw1rn7OaWtPAwePhqHn3zDvjvUk6id128VkeTQQAgX5lesRUyL41tpr77PIVSzA9dyWkgOePG1MHzGb_dwG2dNThyhl7VZgoijYsTagwUGREq8a41cpDP3uvXYK1Oads3Ajc1bAgeS72zVGSiHWE3msMpExN08cViMf-1Q6jh7yVRFB0-S7FtQQtypbqXcVNnxaGDJv5c82Lg6vbOx1lOoWNlfjnYJGMQsh3tcgQaX8BV1asGBseLImC_QGs1M6kK3q4qX1jTZqTT5a97c-8RwfSbgZeUV3H8PCwsGt8YP9Yv1IHZvecsPLJTpdR7JythuK2B9md8AmtuQJvrI-o7R9JltfccDmbA-IQOtkFgDt6hoLcZsOiRZgqT4hPkDSfFyfn-cRoHPoJrCQd9cBynF2WKTRaYurAOoxcBwIvMwp6wVOSUFO4J0vY8yrccY3KLe68Rk9pIFUHr4an_Km9UKOgLPpzMGgQhXwc1uIXv3F2FclKKulftZpjVpPxl8qoKn_tiLwGEjQEk-WkjV3KWzIdQjNO2b4Il9rU6jl_pDdZKtwIPR_hYkXzWmudhzp69BYKPz6P8Mxri50rRyYepSbfY5mOXiNvy1z4mf8ncTQ-ustsZSJ9dAI5PCH6NCnl4YnUHnjdM282eFmCgGfSWKHpRdfIeI5o3eFe1YAL4XO8rGbTGHYLxKBOl-pqBw5tPcSW0OzTWNUV4xhkAkk1z3R_5AoGifD6KXcY_MQsIpihf20lN54_RpWoaUEqXetmSYPOXxkvihYY5h8OMlnpDHio28OqmzJwnZcoxAd0B2WrBjbgpoCKhCr8KmhwlUl6bNCm11_FQdfQyQXR6lmzE0q3ohYsgPZ_Sba16r4bdA2x4asw2CnW6OxIAiN9sfrYEZFaXJ2MzWL08W55ZFLY4lhfIZaq2TGAnS18olcBNQ2FvtiyJqQ9uz2qtAtSbhDyLgBo2QPiaZBmA7ONWt9H_nn7gXDzflmalZQ9kBIv2q2crPiFztfgqavW13QvbeZmqHnRboJi2d-KeEDIbHbdE4k_fZLp4-odSUdNvm2D8ZYglX16vW-imya-OrEgj67JI9rDI_XuYePGNXWg6G0UF3TYed6DzRAZYg6v7ZoQke2aADvpSmVisMrEvYbUtmRByJJNZTr7KRz18EKHXAY_-8FOB4J9fjBwk9gxVLYVU_0yEyPuwZdQXqCMNOlmCkyKHckaEd7472SRyRCGGBkivcI7aBqW4ajyp_a89yK94mbH0eZAomGQQhAs1oV0bFnAwPbL3vBcWAqiQB4NO9D-mN5qzd9W048JBdtXn-QugFvlRvRvG1QDzT2zjfrDbTsEybOuoT11B7AYnAc0_xac2DRmOPP7ZN5uCveGk6DJNcKlZ9g5UMTmJeamUFjSF1FGlwvlXAoLE8PFZFsoyK3k8YQQwt-_EXJ6hSW58pAxOyUoXltlR00I&cid=CAQSOwDUE5ymFejyBwxmFQrC8YYmz7IJ4V__2L4o9tUr5QQxjSkb-_elKiespJxf0K7RZ9-ypQ1uzSvDWVMlGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=14238044892996320000&adk=792902355&idt=177&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 6E56 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5bS58QAGkTkY0cwukngrKU9SQiovIrz16B-5uTBejQoTEeVmX0v_yjiJdm2981qnf1-rQ9ZEITX4CsdYZFUe1VwnLkEh_TgonulChAeYsgmpN_TI&cry=1&dbm_d=AKAmf-Ct6kjsflAhaxOrzsMu7OkZeDwY8s7HrioMXWUx01JSVkcjehX0o3kJsMZo0mGm8pyEINKkclSLgE6hx-3Yg34TWPe7axbQaMTTjCfvDCOslkoCadgE7vuhO8CLGJoABk0jlJFRASpTJKm56TX4MeP6zJ_tYj4BRW8_Gu7CV4IgtpVeWGUb0DYm35qZa7fAfHvsXbt9H02V2YPCe2mnrgAqm6Tm_yiC9vxRmMSQ0mb9CfMxb8th-SYqaqBX5Os0bqcxH6dfZ0drff_2qfCorAncuy3JuC1iWXPrS0cat2WGso_9ILom1oc1Canss7jo-lcdVOiKTHBM_U1S7f-cssIzBydQf7XE1kelXw1YB1AqHSAlwmrSGI42M9RFmG1ViuInhjsKobwXj71e4nFSN4QhG0u77ZYSCpUZeCHM-1Xm3m5l6JACOjslC0R0CE6gSPmcPNFJSr09P1kv_RioYEZqJgujXoAIDLuaWYAw6nu1fnV1OkS6I6TP2zrPNToMRXu9gq5xefW7D8UXuzDbKDRzyaA3oPtDKzbaAxHFRyWKZezRrz2Eo-iQoX3xSc-rSrypolC-HUjmXUWCtaUHNHD1RILAx8sbHp352oGF8ZQlytwTfXAJiIjyYkOhJBcYdRHquocXMhCRwWv-X8sSXw8i5aHPfVnsD7b2YZ4D-6G4R6uuT-DhFFhs0qszMYe-gpzNfq9K-pnQ_4mto_TkRA8TDarR7yNHo1dnb03s2naibhHizvNgVfh0YlKs5s9UGQYg1d1qik9nIxdy8B_-yvaxTkVOLLnXj6ByNOJaH9KtFBhMdWj0B0IfJmq7ky9rDP4RaIj18L_NtuLhimp0bvbOpdlwkjaG50Eg5E6hopoTQWOmVYuN9955_wcqxc73iCZOZlUpR6dUjeSeheF0F0fbuEqNCgM7DYJ3pngeECwjfFPHaYHsTtKgtkvxTz3rI51HGo0KrSyEZWB30-dVTSqEThHqtLSizEiTTvAPL8O0R7gUPAwVFsEqHpBneWP9E81aVlxU8oMuc-ocS0-FDVjaaxmImTgDbQRuro-aIAxdboPFi8lQgC2N9p8wyym88eKQKNd4J4FWNrFVjFyfn6nr34VMXv-0G1iSVvOR85kRJoH-6ukEpvvvmHDwf0M6fVpcp4ngXdcM7jdnIl4D9jbiYsC-pMynb3uMzZS_1xcJRigTyh940qZ3rDUmltSW8jopwKHNoF49p1vZWFRP0tKIUdqkAIq00vYqwuGIrpFsRAgUP7tXvQWf9zotba0MdHQFkJZPc8fjrvdDc90hTXktFAn6dEWYzfRWOmeLMH6VzgVqe7zhYn-GK_7Bzo1AV0CIT03QIUVINQe9XDNcV3va2A3vE60lLjksY9jmww3FxEpQ1YvXVfXwsRTUt6AYOkuq1yfVCIT0dInZwp_zcyxOH9r2WlObR8rU4oIYFZ3hxuz19tBNTKj2jjWdnm268yg2wb0bHw5pP2mWhW5aOtegFrrS_a2dkTrHQSrWFFE0wEMDgrHsOA7gf5oPoLJ522Xl2dTc1mOGObuEVEzaXjR5FuTvWTJOUDmvWIn7V-fZA-G1pNOCFXMfvUDYUugnNAHiOiQ0DdToT7S5F1BUVSEY1ZyjSIy6hScSV-8z3uzAnrenK59HU02nRMwdRaOxxuaH3AIaO9BVogkQp80EAj0WhWBY_b5OXP1BQCRHro25In_Eox8o5vEWX1YM7NBMjJIdSKPrTHf3RR0-e0n8QL3sD7CMslfNEmJHEw8ESMRvhzLVkKV9o34KRxwkF2bHfPdUtfAdJVq3XHAn_yZ9tRW3fs1QDcp9KCu_ir1wVZ86HPsYXDFx3eNx5OVklJ2aJ453pntXCUeSPp8EaW-djVMZ9OMmolj9vmBKEhoBDHUpIZ3rU90HCeX1UnpihjYHw1rn7OaWtPAwePhqHn3zDvjvUk6id128VkeTQQAgX5lesRUyL41tpr77PIVSzA9dyWkgOePG1MHzGb_dwG2dNThyhl7VZgoijYsTagwUGREq8a41cpDP3uvXYK1Oads3Ajc1bAgeS72zVGSiHWE3msMpExN08cViMf-1Q6jh7yVRFB0-S7FtQQtypbqXcVNnxaGDJv5c82Lg6vbOx1lOoWNlfjnYJGMQsh3tcgQaX8BV1asGBseLImC_QGs1M6kK3q4qX1jTZqTT5a97c-8RwfSbgZeUV3H8PCwsGt8YP9Yv1IHZvecsPLJTpdR7JythuK2B9md8AmtuQJvrI-o7R9JltfccDmbA-IQOtkFgDt6hoLcZsOiRZgqT4hPkDSfFyfn-cRoHPoJrCQd9cBynF2WKTRaYurAOoxcBwIvMwp6wVOSUFO4J0vY8yrccY3KLe68Rk9pIFUHr4an_Km9UKOgLPpzMGgQhXwc1uIXv3F2FclKKulftZpjVpPxl8qoKn_tiLwGEjQEk-WkjV3KWzIdQjNO2b4Il9rU6jl_pDdZKtwIPR_hYkXzWmudhzp69BYKPz6P8Mxri50rRyYepSbfY5mOXiNvy1z4mf8ncTQ-ustsZSJ9dAI5PCH6NCnl4YnUHnjdM282eFmCgGfSWKHpRdfIeI5o3eFe1YAL4XO8rGbTGHYLxKBOl-pqBw5tPcSW0OzTWNUV4xhkAkk1z3R_5AoGifD6KXcY_MQsIpihf20lN54_RpWoaUEqXetmSYPOXxkvihYY5h8OMlnpDHio28OqmzJwnZcoxAd0B2WrBjbgpoCKhCr8KmhwlUl6bNCm11_FQdfQyQXR6lmzE0q3ohYsgPZ_Sba16r4bdA2x4asw2CnW6OxIAiN9sfrYEZFaXJ2MzWL08W55ZFLY4lhfIZaq2TGAnS18olcBNQ2FvtiyJqQ9uz2qtAtSbhDyLgBo2QPiaZBmA7ONWt9H_nn7gXDzflmalZQ9kBIv2q2crPiFztfgqavW13QvbeZmqHnRboJi2d-KeEDIbHbdE4k_fZLp4-odSUdNvm2D8ZYglX16vW-imya-OrEgj67JI9rDI_XuYePGNXWg6G0UF3TYed6DzRAZYg6v7ZoQke2aADvpSmVisMrEvYbUtmRByJJNZTr7KRz18EKHXAY_-8FOB4J9fjBwk9gxVLYVU_0yEyPuwZdQXqCMNOlmCkyKHckaEd7472SRyRCGGBkivcI7aBqW4ajyp_a89yK94mbH0eZAomGQQhAs1oV0bFnAwPbL3vBcWAqiQB4NO9D-mN5qzd9W048JBdtXn-QugFvlRvRvG1QDzT2zjfrDbTsEybOuoT11B7AYnAc0_xac2DRmOPP7ZN5uCveGk6DJNcKlZ9g5UMTmJeamUFjSF1FGlwvlXAoLE8PFZFsoyK3k8YQQwt-_EXJ6hSW58pAxOyUoXltlR00I&cid=CAQSOwDUE5ymFejyBwxmFQrC8YYmz7IJ4V__2L4o9tUr5QQxjSkb-_elKiespJxf0K7RZ9-ypQ1uzSvDWVMlGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=14238044892996320000&adk=792902355&idt=177&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 922B 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMsHklIoG-ocaRf3BklJsBg&google_cver=1&google_push=Aa02lx8HvLX_5dx3tI5bjyQln6BCUaoC1FKS8hzLkgYqEnOniVPWj6ya05877-JQg5aUPmfiByUnYkMp1Fga_TWHFo1rnF_XPbn-
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 922B 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBxtpGgsc0h9fU_qKEoKH_s&google_cver=1&google_push=Aa02lx-Z07u4SHy72tOFMhDz2row4R9sDmt6Dl4GMVt3JZXDdnq4u8tOJPqnsAHGQnvy8qhftX_jEmpZOTeeM4creEC-kVKeKNJe
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:52 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 922B 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEBJm_NY-rixffzi_hWTG60k&google_cver=1&google_push=Aa02lx_BpbAqP0IKD0YD6dePh4v7M-PzkIwUPNVO9EZENjbqPao_eW4s_N0ZrtF-7v2LYtURw7zrC37qmUdYGWw8gLfjo8uCQ1o
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEUN0FLv8xW_0g9AHQZ3dVc&google_cver=1&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-P...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KMK1mjRnQl-k0Vk4owEMRQ2&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-PM1eh5PnyoHJj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KMK1mjRnQl-k0Vk4owEMRQ2&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-PM1eh5PnyoHJj
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 08 Feb 2023 13:18:53 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=KMK1mjRnQl-k0Vk4owEMRQ2&google_push=Aa02lx9LEdo8dKLBKI3hT0Pae4yKNCEXbfMSbiHWTGKx7JIJwY2RFIqfjglCr_THm_rxTg5vWQPBfsc-1gbT0m-PM1eh5PnyoHJj
x-host
tde-deliveryengine-production-fb497649f-w4d4z
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECnZ8yRmEzQUt645o9p7gOw&google_cver=1&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECnZ8yRmEzQUt645o9p7gOw&google_cver=1&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5G...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY&google_hm=1m0D7qtFRG-ZN-VTdwwosQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY&google_hm=1m0D7qtFRG-ZN-VTdwwosQ==
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY&google_hm=1m0D7qtFRG-ZN-VTdwwosQ==
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEKniTfI2cnjHEn_AKKVrq_g&google_cver=1&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IF...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKniTfI2cnjHEn_AKKVrq_g&google_cver=1&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CohpvaW6SFiwVixCZBYfwA&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CohpvaW6SFiwVixCZBYfwA&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IFquiU7J
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=CohpvaW6SFiwVixCZBYfwA&google_push=Aa02lx-I2Abaye8NkeOcGmn1Qn0964tyUiqiCvSMHbzOl8fO-Lc8lqNF6Gh41EG08Nh2OFwEZxEJt2J_SPDqhyY5JDF0IFquiU7J
access-control-allow-origin
*
date
Wed, 08 Feb 2023 13:18:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 922B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEHT59Sj0jVXGBBRQng_Bm8I&google_cver=1&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-Yzc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMzk2MTI0MTYzNjAxNzg1MzE3NA%3D%3D&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMzk2MTI0MTYzNjAxNzg1MzE3NA%3D%3D&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjkwMzk2MTI0MTYzNjAxNzg1MzE3NA%3D%3D&google_push=Aa02lx-jIOJlxyIYq6gi2ozY5GM0EI6gBnbkUYhNSqifBry-1virAavJMQ5Rks2vwDISWBPgZIBK51yj-RPcKRpSYW-jxF_-YzcL
date
Wed, 08 Feb 2023 13:18:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 922B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LwzJ8bQGUmOFN8L04WiamA7WyMxa1mGAKbFoGCVzeQTbkK59W4rEyrp8-aTiye2UE_E_qc
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame C42E 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BpkI1O6HjY-fUH8uugAfP-ZqgCwAAAAA4AeAEAg&bg=!eXqlei7NAAaq5O5FiuQ7ADkAdvg8WpuC8OXWRH3yxfYAkcGZjGcUSB1ZBlJEYFol0MvCmRIee0EdUnY2jVJQm_KA96TSZ_7X_j8CAAAEeFIAAAADaAEHmQLxZX4Si7w5EAYvQux9HjHeoH-hSX8ZwZ9jLh_9lnYkT_ArwaB540MaAvWcpS28GB5WjyQZ3LxpuM6Th6tFKz3zDdYL4b6Gzisfi7lkR9bz5FJ4OMfhuTlogr6dzzm1I1d7abY7fw-LzZuxSsIjfAs1sWWjbD_7x6lqhYWAoSkZsnK10zXoz-lE9gt-3u1oFNJYmPaJxWIawtDQ294g-zfn0rV5lykQwVmbdO0oV8PQhbCBQEuf8kMrRYRhGmLsfjdS_DPaVF115Cb0kQyLPczXWu4sK4gxl8qOfOhO4FHEI-NvdwZhQ0QwuMNutIQrBI9rjiM52o3Vbpg8PwcndtaLGhT77dIzqoHFk_JqUQcd9LB0KolNH8fAE0-R7CosrvnTmRrdsruQHbabdXy57HwBKc7rfGt_0Z7vSaaeUmNZ54wxm5uLAYp9JeQ7w1UnatCVFOnZ6k8RM2bwVx53QTaqwgkUJWF1sfeLU132LoQ1qRzHAvep5X5_t1i8qeRgqkTtq1V3er1WkrJzq-l4PFA_pssUaeDrEParWMzVWmJ7TPIIUfy_zMKoIIkuwmtkXYzEa_9QtyReQ2BdD2ZVVRs23cHFR3_vlI9SixjCF8yLG923XGdOghX-e00hsvSGvwcJ-B7vfA5HtQkQGc0IlABTKQIscqi7k8dachTI3i1nxcH7WLGOHppaHc_ltHJd46HvFOG6_i52HQoVWagEu1D_YIcWVNOETwBst7BZynZDkvUXC5vn6-00z4HPLV6yqEzVqXR5Nks8ucs4WgmKreS9eWk1W9IHy3PQabKVJYTtgC0OR7wEx05cQTMSIG6MrAiGGgwR__A02cwXpCPemnXbYVur-sV08bq3Y0qAt_jVlrXK-fYEM8rnmkT_thS9imIP5XiyGyfaqqbN5BYU5j_4Eq-5bv2llOUD-Jb_MIiGIeTpZJyqH6GZNo76bE8IjU0oyoHi22xVxKNSAGIbQMi2ACDOTu5dxZxEBual6RnHaCr6
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 372B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
4.js
static.adsafeprotected.com/ Frame D68B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634094/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_PKHjY7...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2304:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 20:06:24 GMT
x-amz-version-id
qrt3pF_4Vvz6PZWnRfDI.rUotCFonger
content-encoding
gzip
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
61950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 07 Feb 2023 20:06:22 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
4EfsFo_4H4j2-uBQxwQtbRM5A58bleyyRM2frrnSsHAD12xvXNmzjQ==

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:53 GMT
server
nginx
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame D8AE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
12087757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
WDlBNien8FBFnka41OF2QxmmFaEVhyS1lWhPP4-mDMLDBRxQZbW80Q==
btn_cta_arrow.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 1C0E 		363 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/btn_cta_arrow.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 16:39:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
265
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 01 Feb 2024 16:39:18 GMT
kia.woff
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 1C0E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/kia.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 02:16:27 GMT
x-content-type-options
nosniff
age
298946
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23072
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Feb 2024 02:16:27 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C6FF 		134 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21622511100%2C22227164626%2Fflaresenha_multisize&description_url=https%3A%2F%2Fwww.flaresenha.com%2F&tfcd=0&npa=0&sz=480x360&cust_params=place%3Dslider-video&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1539326959294067&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=google%2Fcodepen-demo-&mpv=1.0.0&sdki=445&ptt=20&adk=326458147&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=F797C5D8-0A48-4BF5-BD35-EF617C76F226&nel=0&eid=44747319%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fwww.flaresenha.com%2F&dt=1675862333596&cookie=ID%3D31324442f7fb6d90%3AT%3D1675862329%3AS%3DALNI_MZHUpdnHuYlhf7O9ni28AhmPE_lEQ&gpic=UID%3D00000bb28538ee96%3AT%3D1675862329%3ART%3D1675862329%3AS%3DALNI_MYBAILw2XC6gnnyxDZQy8usSBUKKg&scor=17591875537164&ged=ve4_td4_tt0_pd4_la4000_er9200.802.9356.1102_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cbc21ba29bbbf743d17b37885c74f746773fd27538d338f35de197cb3f9fbb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27023
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D68B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0EF2 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Thu, 09 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D68B 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d8d33afc153ccba2ae98714452078ae2176c0bc7b4bca2c7592c4012c92529d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame D68B 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6aed40d4-362c-749e-7fe4-618707a7622e&tv=%7Bc:3Dr62m,pingTime:-3,time:171,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:172,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B163~0%5D,as:%5B163~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C163%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g1*.990511-61634094%7C1g11%7C1h1%7C1i%7C1j,idMap:1g1*,rmeas:1,rend:0,renddet:svg.us,siq:29%7D&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame D68B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6aed40d4-362c-749e-7fe4-618707a7622e&tv=%7Bc:3Dr62o,pingTime:-6,time:173,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:173,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B165~0%5D,as:%5B165~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C163%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g1*.990511-61634094%7C1g11%7C1h1%7C1i%7C1j,idMap:1g1*,rmeas:1,rend:0,renddet:svg.us,siq:29%7D&tpiLookup=ao:www.flaresenha.com*%2C3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com*&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
1
servicer.mgid.com/1374018/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1374018/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675862333689877610948&uniqId=09567&lct=1674691200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1260&h=4513&maxw_7=336&maxh_7=279&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fwww.flaresenha.com%2F&lu=https%3A%2F%2Fwww.flaresenha.com%2F&sessionId=63e3a13c-10b8e&pageView=1&pvid=186312dd3b8898d0354&implVersion=11&dpr=1&tfre=4808
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c0b81c9f085c4c4eaff2f7a3ad05f8a7d6f50f8831e836551bcd0de576b7a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7964a761eddb30ca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
view
googleads4.g.doubleclick.net/pcs/ Frame 85F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuiwyXjcZTWqeYoOdKSiTXL7XqVSov4EuvCZMeEgmRqsrlvl1WJ1reR_FAXVcSN-FBM1f6w6qn8yWu1yuGFy2As29TfgDSB-l4HyKJcIgETFU7Ti5MGSnl9YcBTC_2JeUiZu1jdRPCkuZNndDho-QmMk1hr8B64EZJEbGZOFdysRCxB0AWHLJmm_OQ-InSZgxWd_nyh7DSSAEfCIE6VTDHT49yHUzJrA_GfBkbYnU1G4KyaXnJ3hqfBLWOLWeuQq7MvSScL1CDX7kOHREPZSqi2-Uxt8Jvzynm-SnYzqZeZIJfNO_LpBA6zgLj-mkyHCKYhmQbDyemIk20xPJWfwQZplHYyIB1zPSdNn_u3DaLs43BM4fnP9MGGzN7POlt8achG4cqy964A0ddtqnaJIEwm3esAFzGYCOP-ySq3HChu33smvQc53Ptmdg7yjEWF_jHe1w3QFpbuJWuS7zgS2UK_fzx_XCyg3S5p3y5Z1wfmHu42Xk8-9KFa5O3fo6Que8E2pFHfOGy4OK7zzq7QC1bQDXFulF5wZzqbZc2XFGiQt0ZfHK0-DypSwHwywe1Sp_yw5QoVnchLvavME3uYiHdo1t5an-BF00tlbbGHRXyPZRNSFX7lIoWax4dfgF1dNT77iHnfm9cmzDFisGBuDLWBwWsEzAcWEH2ZSWi1hO66h1OTa5Kao-UoOU_jfKvA8SpMWXWENKqpy7EEONquSx3XSsBpB3JvINzia2idjsf-0JR1AOZ4X10H-fOtmFzW2-iEYoo7i5FsIlUGDyk1_lIQIjrLUuo1P5QpT4lkhNVWIwDEgxc4CLppGUxxJ2-YpKEKX-CDMFNbRxvN75ncAmZibwKyrnSwSPHVVcPgisgPBl0fFq33lYARtxcvldUh2I8IlWRRE31baKZu7HOx1vIdlzkWSPtyy6nlybhgzIPPtWlbmUzBiaPL87zR42Wdy6qmPu78zi01BkQ4TAxJvb-QCsVLSZP1_n1vpCyAxpd-ehzJmBsQUDGNTBXh9yE31wv-f6OphTXUsttZyEdyd4yWmRWTN6kHsvo-mgJOnsW-zayGR1D2Vp38Urh8Phui46co4ze7AAYlhFP6QYjZo5Uu_KCP02Oc9Ij_8mQRCQm0VRdcXM115KtR8iE-R9ERsdYaFjmbnVUD_B7SlaPF9USylqm9pT9jElZ76D4uEzCUmfuAjV4hEPjXlzorJ0hU0yY2x4MVAvt-cX02P7l4bLORxALr05BTfD4Vxg2QrOt8wdP8Dc_0mVqLS6qYu2evt4bD_FFbeCJaZtVMhh6uc65GQFQJ9_SPEuJy9S1Z9eloxirHyEneJo8GH44E&sai=AMfl-YRF_7jPymKgxI8p7SVGnwOxsnrpf2zh2ADHRbbx9mnVCc8fBo0VE2eZvCgjexqZCxUdL1Rp5hLvCV5RolktxjbPr6CJDJqDRMYFRMgUejnhWuzk23tUK8-YY8Aehhft-pyEf-l1JEcQ4u1rsLzbJYs1bkXTmAf8QiUs-v5vpWL-K_sRoS781-35F6YiIw8PxXeT827uFGiWGIucJbqTUEDFxjVPY1v_o2C9OGPkIXH4aGd5L6JIlPpe-KcgBa4ZudCu&sig=Cg0ArKJSzMhOWyZMsB_BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1643&vt=11&dtpt=1005&dett=3&cstd=633&cisv=r20230206.96852&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:53 GMT
index.html
s0.2mdn.net/sadbundle/12786026858647040320/ Frame 96F6 		116 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96915a5f1ca808fc1076bc123ff15c4b12ae1e78df5430f7a3e47af5300e6d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
29462
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21281
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 05:07:51 GMT
expires
Thu, 08 Feb 2024 05:07:51 GMT
last-modified
Tue, 29 Nov 2022 11:07:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D68B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOguwQQDm-kmLfdJmaMcAk3lQARnv2s1sR-wzR_6eTeF_PHae7Pfu9KeYZPU5Sq2YdDsN7b4B4NTlsVAaoABNLmkys69mZA6Vwik70wEA88Ycx93MZUo2tsTXuwqPP8AB1gIW4irG4vyS7LBtUalePNszcKSgvXlhKywvkVNjfUZWN526eRTvMjz-Jl4rtOzmys35EFjwGT5MOglAsCAl6gdVMCo0UpFxqLwctMfKlfmnQaNkLVC1NTDRMgncjXBpPXeR75BxILOONipqr9RNxtrfWBgYOTKKNw2IZGtjd1onRoO6Uqz2c9W2FWbMMZfv7ftCXlk5WSgTtpn322pu8B642vpm1p0eEUcQPi0bpaxeJQ8_Er95pBXJGnLP9oxlJWBcftCcZdQq7hpV6xk2LuAnDmoLIGijIWDVMXE5UW5TQdxhoj3f1U76eFA-wm5u5A6sxzqezi_npIAhV2Xt87MVNjwfCx44FshJxcFHze0WCbUc3O2S2JBJg5GATDLIskB_AJ9bo5d5bQBC-qGm21SoaNZjIWLCe_QTdnj9M7mxLV1uU8-K3N9GvUaG4DlXRcFMQWAR4Sd0VYl6BDQ3dQyIzXeAb4VA9k2nUnsI8Qoo4XLEd2c0nMg0dUvxWcXrMhwJg1Ro-aYpRt9MYy7rABdtE6VOXPJMVkVyPUxe-pwFos9V-2Df3MGSihexrDMQirk7z7OQOd2xCMUD3txzjqClSdc4cIYRyBCNdRFP_vHIEaZPIjjYEoSRcn6QUvuRxzVY71DcJMGAsVghLQenxNLAhk86ly0s06G5NUj1oAxt3YXXYW2nxF4phN7xFArj-lfC89uIyBV2WDFmCHw_Vg5JfRDNTU3Rv5ziF93sd0wwDbufSfWyhTEUJ6ZhFAzKCnRZGRCEIM7FVdXVlsrwid6Bs6YIfHmACISSAIzG1lvpLeHd5aXbXp3G_DHC1UMAJ2PxmbJfn_ynfjrNzZAXPup3RjxC8Yji0nsU-3_uQCUZCwmAPgLR8f1Ry6QUxMGoSJZr01lSJm9h_mvqkZq9tAdMY_X0Or225tRG4lYw4TwAvuudPWLv0e8Ttl--bEaRuHMA_fL72I74trKeiT84AYvBQsnu6loQ1XMv4RjXoPEE9fHMNZvAlXRtwGukPm8NVhkGfocLRxXMV7uEPOWklJLOeMCTWZ8BxFX3z78Qxrqfqv40DBKCMa21vKBVub-20G9xh58YPd1MR4iUfWo74Pz5CCTsHTRLPCiuhxw69Bf8qYo7Y_sadBsaqPAXjIDMsOEqtFjeRUKsm_nAdguGNXRhdS_5FR8UgDzKUgoJ6ag-6lMfteIPUeqtQ&sai=AMfl-YTjwhE-R3FQGVUrwTGftzHDPg_K_LXI62s5Y1_FatU4IlfMAyBlh61gLvBVbs3LJvr6_DiDYhQ2rx_0q33PXGzIyRi53la7rjGS3Dtvh8XgkcSgoaHa-UpBvK0oMk7Zk4mOhfyJ2cL8RkIQl7Abw1YR6QoqeVA4rTicQifdHisY63HjA560LP17QuTLrR5bFhMTV944S8hYi_-ZCiy3prxoGa4UP7XNw3x_Xousw1UbCcFzEq_P9R9mYPXF6WupoDDT&sig=Cg0ArKJSzM0CCZwq3g_TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=533&cbvp=1&cstd=513&cisv=r20230206.66805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:53 GMT
dt
dt.adsafeprotected.com/ Frame D68B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6aed40d4-362c-749e-7fe4-618707a7622e&tv=%7Bc:3Dr64Z,pingTime:-2,time:334,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1033,beZ:1035,mfA:1038,cmA:1040,inA:1040,inZ:1046,prA:1046,prZ:1055,si:1062,poA:1064,poZ:1101,cmZ:1101,mfZ:1101,loA:1207,loZ:1211,ltA:1367,ltZ:1367%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:27%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:334,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B325~0%5D,as:%5B325~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C163%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d3%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1g1*.990511-61634094%7C1g11%7C1h1%7C1i%7C1j,idMap:1g1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:29,sinceFw:303,readyFired:true%7D&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 883C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6E56 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30271
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
main.19.8.390.js
static.adsafeprotected.com/ Frame 6E56 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.390.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 15:20:59 GMT
x-amz-version-id
92LQopFh_7IbkJnbrvXbYa5ocG_FxdQW
content-encoding
gzip
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
424674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Feb 2023 18:40:44 GMT
server
AmazonS3
etag
W/"022987f281b11cf4cfb9b7bfe65a2517"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
AJSd-ocK5SAUKvM_6dwRuqx6vI9HEepwRaGccSi3zTGKvog-9JniSA==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6079 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30272
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Thu, 09 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E56 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c45e9f5a70eeaa44b9acdf728f147e56be244c838404ced8ab9fac9ee61146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1C0E 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e6bf080d39316889c05eaa2c201392ada3426fcde31460785978fb202e20d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5674
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16644202875967455809/ Frame 220F 		1 KB
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:53 GMT
expires
Thu, 08 Feb 2024 13:18:53 GMT
last-modified
Tue, 25 Oct 2022 17:10:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6E56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDYZiW4d1d3ow2w3xrvzftK_9mEM2JORMl_gbz5wf7NFnEh7G84LzvLYf0i6iE3Kgb2t6_7m_i4HRNors6LduOPvgr3fBQvxSqY-S-7w-oc_qYt_vU9kisDpkNP0cy3sTviolLmSlyOuxETrVVtPv1NAw6mnauhhJg7CM1_3V0T21Kfds5p3cScI4qrWqJd_L1kDnS-E1DOQ4U_BzhJ_mfx3eJlTk3RsMP7jbCoXjRM6KKDR9m8hJ91n0hAc_wlpjbCbO_ayFvgQs-Jyagjgqy4icldCZ8VNK1Dt7hW84vuKLw1ghWML7ZXxXO1AC6oUi5EVecGy3mzj6cdK5r6Kal5Mz8u-yMajF5mAKNdvzqLId-PtfBK_uy1N6HCQDPorucXB4Y_SBENLqfz8lFgP7yxck6TvH4U0HkIykphzYzVoyjE_zHJWtpyNA2VxQNGDK_IvGmYIpBl3WYrbXaNNwduWcauFDcEPngHNonWWJ2Oq5PTHncBKDNBWzd_Gwil57TY_ONow7jWaAxbxioYBuFPKQXdc3HNXSCq_RZ8gu8qWNaSbw_B0IfjJNKLifDMudEF5u7JvJoJos1PvsCfxG6o7nT60jdSf_firwKQekLOQbzGT9LWPZAEVTwIdFtaER4Aien0TLD9mmnBzhGiY0maL_VblkRLHqo3I8G6FFmmybctwS3F8aJFHjFxJzXJUhRjH74HHh__p4CFcxqrDK82vLc_ZNVSvm-Q3MFI0a3CiFJ5JPVXTHg5Bug_AiV_JFkSRFo7BN4qUrCkN2gVmPUA2UCH0ZH97DlO1SmkwdkGP-3lcQTR_nw6aN_ulsuXW4rsfbTCpptf-uChutK8Gpu49Z-tsRqxX5wCgEIJ2cDxI0_HhJl5KPI8cXmFDYHMXtMWwlem9GNPIc08TP6HfS-xbsEGPhjouF6omy3a2J-mlw-qvUx49KjTPV5Y96Q23oeeVwtmQYgoD2_HSZwVIS291GVX1hkHRyfUzwrZnCAIqMKXQKt7wtdP8fsbnltVzjojT1QPLJ9XiQ9_Zda2op0hVOS5qmM-Z4M-VGgQqNyyPYVwjGJYjb_D88z7qjWu6aPlSSbLfkPuGKuOneaQ2bqSt6HdMQcRubgF-U2K36PJXbjLURYnvOGj8ebk4OgpyFbE5P8PHCsnZEGO9iDOEjWaN1FjPQPPdGvdRjFasZElFe1s14rI1Tr4X7MAaHjfhLnEYHYeD7uWIp9Xy28VWu62S3MvRT1lFwHTwx2hx4sZTRTU_Xnr9D2XOUsue9RfdtcMNRg01gaAQO4Xtc1Jl4pNKHCars850MJkgOhEFx6CCYJR4m31UYpHsOfEuZjhg&sai=AMfl-YQqgENKHUGV1RDtq_xqiGfolapYHfMZlpeY4HNSK31HaCEg_GKcVBo230S3jq1ouBQ7cO_rHHLCVy7bFNll452tLFxpiVDg8YYveATkQ1IrbahwlOfOl9n2arjwk4g5zeHFELMUkyjX4FSjfXVYxbauyruiaPKulQMYqsrFWcnpTWuSMhjmimbPCPtls2BHEQIjrnZqQ07UZFQ6dxSYoODVyus-_1MijDoEud3U4Pz98GUE1uky5db1GXQAYisZmA7L&sig=Cg0ArKJSzPG4eQb_R48VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=561&cbvp=1&cstd=554&cisv=r20230206.29925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 13:18:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:53 GMT
ai.aspx
m.exactag.com/ Frame 6E56 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=322783817&gdpr_consent=&gdpr=
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:53 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 08 Feb 2023 01:18:53 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1119
Expires
Mon, 26 Jul 1997 05:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 96F6 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:11:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 13:11:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 8AF6 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoP5HRfhiOKuIE-oOOuWUeUkwwdVdcgHS0vRWr-IUju9abwU9J1ffwCfIlot4ZjzK7Y3XGQCVayr5JQ594-AT6yi1hXgE6wcloFLP3jb4yv6J0NT6VHiZZJ4K-k240hodMYpvGeGUJE2KXqJ-LIE8vGkAhBeSeTOrCaLOvKTbynUjFD5M&dbm_d=AKAmf-B0f8R2DLtEalutZepMOV_-CaZJss9nL8O8Rw91wweOXwSGfpgWhkUhYPASASxA-ZdyqsrFFxypBc3mItVIk0S7cQsRVaR9wmBQ6TpVW3p1TcAOaJrZI-YNBdICKY-HfNj_O9RPk4mKDT8VXL5Gy1FbRKPYYXg66fuFQ1SvHue3Fgc4IBFASHavTyasEBYMdDzMSBKA3DUIt3-8giYE3a-yPnYx_mT3D5jYfzZB9RK4b6jHVp3Q3vsGrS9W_cRB6J-ZDl5OF1X7wOS6M1AjqAMVbJLRaQlZukdJtqJ-4T2I6Gz7XvCHUruzdhlzZMByvLYEqiURgzEQz3Gb08uT-Yrry3xsGDZc2GJyameppIxyjLgyK_3ZZuaaRJMB9KXircv9U4A-lR9ZeUUJ-o4kchE_YapO2i3en9s2su4Okf46EdRQscRZ_NQFwA9tHPPGReZFZhbGQQLXhugO0LtHdMxLtoCHItOdZDCkXXTJFi7pTzuZQRGQDqn1GGuKUAs0qY_ixV4w1_cySwSlaGw1pZ45A-F93Sv4QfddIFbpE210VC7xswDSYt9CeIo1si6Q6EEmOBjCuPFl6gAZqZOsi2VGIg9jOBKQdADOLB7QhQZoAWWms4uI7WIDnNbgAi9bYDMcmcSxhkBkBsvn4t5IsKuzxTnH5u3ZsruhY_8ftMvdngBz1WuywXtMXI1IKktehoMoLWe9UMaSdC3h-j24KqpNHIRBZVYeEgaXdfOKXIClSiGvmmV-PAmWOhuJ2DfQ2opWQ4_69iPAqCJIL-bl8y6mL7T8Qahl5jGFURawL8S-HwJ1KPkyMyfU49eAVMLXmAxTHcupTfALjL7cHBaLjLxooSUModuiHNfbHBkbbxKCKJYVphl34ZYaHV9f8J9TngX6yENnM5XKQlGOAB3wNIjWW-y7bXeSZ-qO9JlVye5AO72qu3a9-SlNHCt5LSeRaVJMSshsLr1Nl3Ezp4DfnhNc3p784_8a3M7cYyWb2444Exm2L4YrhdD0Qsi2PEbS5waHGRwzbVtp5l-e4leukZiCP4-32bAh-t5JaSxfFauSfPD52Ta9u8peqwTto60Nnnz6mtBrCHRgfiXzwWf6m1bzoAyQv5whA08cx--t6_7TDmTwtU4_96crWTECO6JxqAPbT7Sq9ya8rIQTusGLDOmhP_-7K50LBaWcC1MyTWFMwA2xcr-3UvLHZbVZ581P1WFvYaSgyfdL6EvWoUKXZ2F2mXIhiE4zWsjik8JCmOAPwror1qI056d724WbkyeQNdq43mjsK2OImgkTI-JZZbycw0-h2NwLjcSb25d6KVPl7QHDUkk2FgXeRnaMQTYGiJPoreIIvbOabNOCDXFZKyW9YMJVyWgdIFaj9dbS1TGnlkdSfOw1XvPVJNJibq15sYLk0cUdFzR1cHX85P7_h2KyXDsdTORsG_5KBU7k08MD7tMNDq6eZsjYpL2lFsyS5USm2DjrrAh-wxzpbxWy5JHT6cfuKblaT84O5EHjerFtLNTwT29fMQwquAKJZah3cyMab_Tt2dh6UzLzlktXYl8n_Fmq7PCm992T90PcI8_-RaS7Nx6O3jH6ULSRCWl0u-TcpMl0W33YqL8xVwY_yh7vJ40ByssH8WPOksnj9A9Y9GO9hq5ekMpZM3kHnNE_7g22aKP2rcSIRRr2MOSoFW5qkUjmdpbyaZ9a6qpEPuFqIod--lI3yvRNX1B8ibrTSsHeaSBnq-5A7w7uLy8rnM4EGQAgThr0DSDvHy9KU56yDeZ_exmiLdmMBUnh6R7vo2H3Oz0MCjag7cV95Ogx31OCV7yODLhmG_j54iJSG_uK-FuhrfVl6ldKMk4n1s0F3-qGgpWuj3gtCG2ozB7xKVlszc60R3DF23JXtSPyEm1sASgzgjL_d66MmnTHrWA3u9TkVI7bbYbHR4I6Dn6Q7S5J9w14_XtciU6aAMjtFtSHWHt0xzXhpLnuzNZ3oaGhzyMhizQDCWBK3-Gihf9uGsQSv06fNGAfM5UJPipqYams-Vh2eWi-ZjTb67enzDrRLEikzuDnVZP0mPnZIzW-074CDKY-yZc68NhSY19MAfA-MrfYkINB2ra0hJJqmGNgVzi107R4WG_nTKKY6gxBAPicGu5TjZGedVmwbIzElQ8q5QKIC2It-zS8k-fv6IpoHATfzgx2N5IuczRznDvGuyphrac-RgV5pTHGRaFKD00jK5-lRPWkJea6z8Y679jVs8qNwpWKNNJPNjGx66AWCizspEFQtfBhGvNUry9os7roVycUsTa36YGktoCa0KQToYvtQyab5Hv5T1bBZ_qFkOWCLlGUaXFhMtaxVWqsJW2eC-QJbXkn99Njr-aVCzzqm97yiods2x8SmYtnKBfh7_J_f8N5fRxBlOVebBPeI16Je34sfSI--56JzqeAm8QLjirSaBM6fo9Lmid77swP1kB-5Aao8UXVHACeSKPJifSIBcPMbb82p5YrCmIlQlb61-sYTV26b-hiclQ6CihpaIEJJo3iVxDFUySv6Xc0bm7WpkwCPxEtJVSwrtjCYlfNjzUrMGk9a_ABnRIhMK4QBbegw3OG6yjxRPuSdBWSXYOBFxEMvIOpM-e6MLNxvPW6nNlOShEIvU6agQPHYplQk_Ihz7JqADUbV7uloWWEWiPyFQCNZqfcwqx1qhmDdcgkN8jCaW9KVndBqaRlNfu0PQJOxmcSTbGj4onrcSGtexaej2XWdt6uJfykbjxrayjCFLc9XQ9ZIxx4Hah2oZHV9pwhkJdsPH979hkwVYJ7JhnWEL8uGFwtxX8RssOzBQhV3udyehgttFv5Lmx7dop-vNyBgZhq9DnGkAcpau-aETnPkdzm1GkbOABFlCH0EIVsmaxGYJ0Ibn3e1LPSLyXWbHB_G-kTeITPU_4dANEGytDCyqbODQ4-smyNhNsoa9MqNPwTmf-dDIrOy61drAik0i7W0Tsn3NGsKeO0RJyHN9ezPfnaAuycIJBg950VLLANIjvGQt3JyMZvj6t8cgttSSB0YR6_I6rcAUiEy_9tH5ekXWam1oo2nyF3fuw2owGvr16-qmmto_f9yZs_EIKfuyFBHsuhZphrgvaQ5BAKVA5BLgz0qWgEy7dbOoNpucZax6FG6YlnzqzTWnclwD-P3Pq-Q8mD9ps2x22R2xlYkRYJv79lJHMSGd08d1gqe7imm338qt9_Qk1OSfAV2PWkF31ihrkTbhyQra5jJeH0kRsiMiIUnupLSWQqkKXM6MSLN0vic-BTNB6lkhOsrE0GHmdhOUlywxB2jeI1ZiEMvWTCYdyWyKgei0GMeEoaPREEtQkqO1nvrEKnemR98z2dakuughmp56HC4r8f0AyA497jNNOfxBfoKd9o5R-HM4fZ7ERWfkV-LlEQazBmoZ5aKVZwT5Z6sz6t_iLnZkQ3pI5E_MhXQWlnlM_v9jk1aEZ_kFhly_FO95ceFW6JS5hXOlqjkS3GiHRreaXpaME9ofKOFZelqkkrz91chsomvPUO0sJeUtPoIg0YMg5Hdk5fC92ueKVRdx0l1jdxnI9k-cD_lCdPLQmuYsMJCJYL2CYjd1TQ3gTD5RSgsbcbz2hN5v9E43rbt4ytCmtxy588skYfhu7gSL7gXxSTRKTprpjTWv__cgvZVG_xvecKdjRpbXCgIf1J61acsHD66kl5xE7XaY_-NCEhchBf7HEdt6qEu85K4Rh55bhk6-xhcUqay91Z99FwNYmII_ql64u-KwqS5bKd658&cid=CAQSOwDUE5ymrkM24M2Igo9G-8h1xc7Cb_j5k2Gfs5bjOIe46SdPAA4S9hSkpRZGBHfv89eIBdhbDjww7kzZGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=4086399203993409000&adk=3037181500&idt=131&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30272
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8AF6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CoP5HRfhiOKuIE-oOOuWUeUkwwdVdcgHS0vRWr-IUju9abwU9J1ffwCfIlot4ZjzK7Y3XGQCVayr5JQ594-AT6yi1hXgE6wcloFLP3jb4yv6J0NT6VHiZZJ4K-k240hodMYpvGeGUJE2KXqJ-LIE8vGkAhBeSeTOrCaLOvKTbynUjFD5M&dbm_d=AKAmf-B0f8R2DLtEalutZepMOV_-CaZJss9nL8O8Rw91wweOXwSGfpgWhkUhYPASASxA-ZdyqsrFFxypBc3mItVIk0S7cQsRVaR9wmBQ6TpVW3p1TcAOaJrZI-YNBdICKY-HfNj_O9RPk4mKDT8VXL5Gy1FbRKPYYXg66fuFQ1SvHue3Fgc4IBFASHavTyasEBYMdDzMSBKA3DUIt3-8giYE3a-yPnYx_mT3D5jYfzZB9RK4b6jHVp3Q3vsGrS9W_cRB6J-ZDl5OF1X7wOS6M1AjqAMVbJLRaQlZukdJtqJ-4T2I6Gz7XvCHUruzdhlzZMByvLYEqiURgzEQz3Gb08uT-Yrry3xsGDZc2GJyameppIxyjLgyK_3ZZuaaRJMB9KXircv9U4A-lR9ZeUUJ-o4kchE_YapO2i3en9s2su4Okf46EdRQscRZ_NQFwA9tHPPGReZFZhbGQQLXhugO0LtHdMxLtoCHItOdZDCkXXTJFi7pTzuZQRGQDqn1GGuKUAs0qY_ixV4w1_cySwSlaGw1pZ45A-F93Sv4QfddIFbpE210VC7xswDSYt9CeIo1si6Q6EEmOBjCuPFl6gAZqZOsi2VGIg9jOBKQdADOLB7QhQZoAWWms4uI7WIDnNbgAi9bYDMcmcSxhkBkBsvn4t5IsKuzxTnH5u3ZsruhY_8ftMvdngBz1WuywXtMXI1IKktehoMoLWe9UMaSdC3h-j24KqpNHIRBZVYeEgaXdfOKXIClSiGvmmV-PAmWOhuJ2DfQ2opWQ4_69iPAqCJIL-bl8y6mL7T8Qahl5jGFURawL8S-HwJ1KPkyMyfU49eAVMLXmAxTHcupTfALjL7cHBaLjLxooSUModuiHNfbHBkbbxKCKJYVphl34ZYaHV9f8J9TngX6yENnM5XKQlGOAB3wNIjWW-y7bXeSZ-qO9JlVye5AO72qu3a9-SlNHCt5LSeRaVJMSshsLr1Nl3Ezp4DfnhNc3p784_8a3M7cYyWb2444Exm2L4YrhdD0Qsi2PEbS5waHGRwzbVtp5l-e4leukZiCP4-32bAh-t5JaSxfFauSfPD52Ta9u8peqwTto60Nnnz6mtBrCHRgfiXzwWf6m1bzoAyQv5whA08cx--t6_7TDmTwtU4_96crWTECO6JxqAPbT7Sq9ya8rIQTusGLDOmhP_-7K50LBaWcC1MyTWFMwA2xcr-3UvLHZbVZ581P1WFvYaSgyfdL6EvWoUKXZ2F2mXIhiE4zWsjik8JCmOAPwror1qI056d724WbkyeQNdq43mjsK2OImgkTI-JZZbycw0-h2NwLjcSb25d6KVPl7QHDUkk2FgXeRnaMQTYGiJPoreIIvbOabNOCDXFZKyW9YMJVyWgdIFaj9dbS1TGnlkdSfOw1XvPVJNJibq15sYLk0cUdFzR1cHX85P7_h2KyXDsdTORsG_5KBU7k08MD7tMNDq6eZsjYpL2lFsyS5USm2DjrrAh-wxzpbxWy5JHT6cfuKblaT84O5EHjerFtLNTwT29fMQwquAKJZah3cyMab_Tt2dh6UzLzlktXYl8n_Fmq7PCm992T90PcI8_-RaS7Nx6O3jH6ULSRCWl0u-TcpMl0W33YqL8xVwY_yh7vJ40ByssH8WPOksnj9A9Y9GO9hq5ekMpZM3kHnNE_7g22aKP2rcSIRRr2MOSoFW5qkUjmdpbyaZ9a6qpEPuFqIod--lI3yvRNX1B8ibrTSsHeaSBnq-5A7w7uLy8rnM4EGQAgThr0DSDvHy9KU56yDeZ_exmiLdmMBUnh6R7vo2H3Oz0MCjag7cV95Ogx31OCV7yODLhmG_j54iJSG_uK-FuhrfVl6ldKMk4n1s0F3-qGgpWuj3gtCG2ozB7xKVlszc60R3DF23JXtSPyEm1sASgzgjL_d66MmnTHrWA3u9TkVI7bbYbHR4I6Dn6Q7S5J9w14_XtciU6aAMjtFtSHWHt0xzXhpLnuzNZ3oaGhzyMhizQDCWBK3-Gihf9uGsQSv06fNGAfM5UJPipqYams-Vh2eWi-ZjTb67enzDrRLEikzuDnVZP0mPnZIzW-074CDKY-yZc68NhSY19MAfA-MrfYkINB2ra0hJJqmGNgVzi107R4WG_nTKKY6gxBAPicGu5TjZGedVmwbIzElQ8q5QKIC2It-zS8k-fv6IpoHATfzgx2N5IuczRznDvGuyphrac-RgV5pTHGRaFKD00jK5-lRPWkJea6z8Y679jVs8qNwpWKNNJPNjGx66AWCizspEFQtfBhGvNUry9os7roVycUsTa36YGktoCa0KQToYvtQyab5Hv5T1bBZ_qFkOWCLlGUaXFhMtaxVWqsJW2eC-QJbXkn99Njr-aVCzzqm97yiods2x8SmYtnKBfh7_J_f8N5fRxBlOVebBPeI16Je34sfSI--56JzqeAm8QLjirSaBM6fo9Lmid77swP1kB-5Aao8UXVHACeSKPJifSIBcPMbb82p5YrCmIlQlb61-sYTV26b-hiclQ6CihpaIEJJo3iVxDFUySv6Xc0bm7WpkwCPxEtJVSwrtjCYlfNjzUrMGk9a_ABnRIhMK4QBbegw3OG6yjxRPuSdBWSXYOBFxEMvIOpM-e6MLNxvPW6nNlOShEIvU6agQPHYplQk_Ihz7JqADUbV7uloWWEWiPyFQCNZqfcwqx1qhmDdcgkN8jCaW9KVndBqaRlNfu0PQJOxmcSTbGj4onrcSGtexaej2XWdt6uJfykbjxrayjCFLc9XQ9ZIxx4Hah2oZHV9pwhkJdsPH979hkwVYJ7JhnWEL8uGFwtxX8RssOzBQhV3udyehgttFv5Lmx7dop-vNyBgZhq9DnGkAcpau-aETnPkdzm1GkbOABFlCH0EIVsmaxGYJ0Ibn3e1LPSLyXWbHB_G-kTeITPU_4dANEGytDCyqbODQ4-smyNhNsoa9MqNPwTmf-dDIrOy61drAik0i7W0Tsn3NGsKeO0RJyHN9ezPfnaAuycIJBg950VLLANIjvGQt3JyMZvj6t8cgttSSB0YR6_I6rcAUiEy_9tH5ekXWam1oo2nyF3fuw2owGvr16-qmmto_f9yZs_EIKfuyFBHsuhZphrgvaQ5BAKVA5BLgz0qWgEy7dbOoNpucZax6FG6YlnzqzTWnclwD-P3Pq-Q8mD9ps2x22R2xlYkRYJv79lJHMSGd08d1gqe7imm338qt9_Qk1OSfAV2PWkF31ihrkTbhyQra5jJeH0kRsiMiIUnupLSWQqkKXM6MSLN0vic-BTNB6lkhOsrE0GHmdhOUlywxB2jeI1ZiEMvWTCYdyWyKgei0GMeEoaPREEtQkqO1nvrEKnemR98z2dakuughmp56HC4r8f0AyA497jNNOfxBfoKd9o5R-HM4fZ7ERWfkV-LlEQazBmoZ5aKVZwT5Z6sz6t_iLnZkQ3pI5E_MhXQWlnlM_v9jk1aEZ_kFhly_FO95ceFW6JS5hXOlqjkS3GiHRreaXpaME9ofKOFZelqkkrz91chsomvPUO0sJeUtPoIg0YMg5Hdk5fC92ueKVRdx0l1jdxnI9k-cD_lCdPLQmuYsMJCJYL2CYjd1TQ3gTD5RSgsbcbz2hN5v9E43rbt4ytCmtxy588skYfhu7gSL7gXxSTRKTprpjTWv__cgvZVG_xvecKdjRpbXCgIf1J61acsHD66kl5xE7XaY_-NCEhchBf7HEdt6qEu85K4Rh55bhk6-xhcUqay91Z99FwNYmII_ql64u-KwqS5bKd658&cid=CAQSOwDUE5ymrkM24M2Igo9G-8h1xc7Cb_j5k2Gfs5bjOIe46SdPAA4S9hSkpRZGBHfv89eIBdhbDjww7kzZGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.flaresenha.com%2F&ds=l&xdt=1&iif=1&cor=4086399203993409000&adk=3037181500&idt=131&cac=0&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Feb 2024 04:54:22 GMT
motif.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 1C0E 		451 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/motif.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 18:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66199
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 07 Feb 2024 18:55:35 GMT
logo_kia.svg
s0.2mdn.net/sadbundle/7024728442041512453/ Frame 1C0E 		1 KB
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7024728442041512453/logo_kia.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 16:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
674
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 10:58:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 16:58:27 GMT
23717839_20211129024308338_bg_01.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1C0E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024308338_bg_01.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11e26dec596142c21e667ba0ac19e731f6f65f2a5151f6f7515486bba9eacc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:32:05 GMT
x-content-type-options
nosniff
age
31609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33153
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 04:32:05 GMT
23717839_20211129024311596_bg_02.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1C0E 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024311596_bg_02.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d44ad22ec2d377c2fbf5ea484ff9dc9de9c9c2951bd60e439f48bf1933136102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:32:05 GMT
x-content-type-options
nosniff
age
31609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47653
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 04:32:05 GMT
23717839_20211129024314763_bg_03.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1C0E 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024314763_bg_03.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45f76e06a4f9e2cf17c0a5369b5431deecf8a3e3663968b1697ba3036d5d614e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 02:50:54 GMT
x-content-type-options
nosniff
age
37680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39983
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 02:50:54 GMT
23717839_20211129024318002_bg_04.jpg
s0.2mdn.net/ads/richmedia/studio/23717839/ Frame 1C0E 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23717839/23717839_20211129024318002_bg_04.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3cece78973668b50c0fa355e7ec2e74650487062c5231c4aada5ca0cd9ab00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7024728442041512453/index.html?e=69&leftOffset=0&topOffset=0&c=RPdBEQZblb&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:32:05 GMT
x-content-type-options
nosniff
age
31609
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29545
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 10:43:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 04:32:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 943C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRV-2MJL-_v-jccrkwxTacO3C5kXE3N-_3SxUZHXocGKWKlBKpFrOrKrCBJaMycH0cJnX7Id5aPYf9wnkh_vvNFeHwndVR1-6ooS0yKn5YkJw-fktOxv0T6uVARUkZ0NmYomQnEVS26CQrvl5RwARorwuok0P8FYQ9cTTeMmiMYZu6k8ndgcvYRMjXfzJRFJ4lYqFGxhbrNnxbhr4LPen0VHuep4zqK1nlzSCjryGzNg3i6lb_Xn1wn19pHCwPlqLWpKh0mFt-0hAd0hdu908n8hadV6LkRIS1Ej3yqQj1dPLXlMIOwUlYyiQRq-03OopevNyyuBBiaSbgG1VeyrhF2fVPP4uvCAMZcPfSXZETI0ygxFm-jKisDNUu_8WthmMSWHH1AvclHwaBic4vAlGYFV73uG7-ynEoEtCNY7ycBgy9sXZIM-skd83RsINI_CFguVo7nBmlC0MGEbdR1UKrxQsvlLT4mnAeAm2qSeZhqovNxfuVOUwz5vRCkjfK_xaM8hHDZpFYp0_wiCuM0u2vDt9PBOc5gbkccsK5eYD9TGHAGyznn6k9_0IJaJW4ePLKRVMmmF6Ia3wNvO24jG998p_jxKarwm5laqKY3o4jUYVfVI4Wg4O5SRq3j0_ym8FfBqxz4vydLu1Q2GYSZ-v0YyEa6mBoDLiyVktXdMddjX8XIoV--jRsxMrVgdMtD7kTuYjvqrEE1pa-r6ch1D56oGjnH19WIcJEV3KO8bIS05hFFeGnEDM4q0yMEnwraWmuIyrht2jHwNm39K-40PEjweS8Yy4IJdKC8xTLH0O3Th1y8uvFjIyaJiCN9fDU3q32T2iyX9Ns9ZDtn32njVZQQ20-80HL7AfXmbx_T518H4RTFVWahNGvw8-rrZgfk2oE01p09KvaghMm4kvN0DbqRFQPRGvcHOh3-nAq2XN6qR8lgXiVFU_fw3MVOhLaaPuxl9Yyh7jG2Wxr2zsYyO3P44zIbobYomzkwbBJ-4i7lajfCvZpneQ6cnxCACe-FF2JwD-U1FUmz3r3oL2RVH8R0YWwA6z9cU64e0WwIsziBzfwwS90mq4MFs2onRBm8PAVSAALjKxgxICLj-8OBci44m6YLUtGl0QD5BMhMGtJ0GwsEULKYO2GKEfX7QfzOZxPdlCTSPNqGtBo_yEXZU9tsdAdLFW31I2lCx_jIOqeL6H3lPoR6Ll0yP8YtlI_wGEc37XLB-ifmspdKasf8DRmG9hiFMMRDxiINgHwU6s782h5ZbVDXIgs8FEvKif7rJnomaBzNMvnOCoCqrDZJPiGLNrf2k4uxbUU2pes6eqlLAk25W2ALB18u-3l6x_BieQ_dTM6hAQBV_cF9W3ptM_pJ4TPEwqOqBdvpMACK2YB12ux-I1Z1rEMjdyrx70Pww&sai=AMfl-YSVRS-7RRYEYesHP9yYtUcawENEq8dJ79DFuRehCqu3Ht2vuROa_e4RspjHkevLFMsKzwabNThO484wl8BcGXKaTh3QmKwELXIkQL5xqXC26LLg7Ci_phzkaa4Asel6TupmBbYrtwj_sRolnsDc1Qk3Ifhz4PNaowyldFM42JT1SGXagg24-Bw4vpltf4CKnGWL0H6_is6w-Qg3PQs2Pap81QLDivN9_WftJnVPsrKbj_VhvlfeEWI0_cVz20P-YOByTZHEq5KUBFLVCyp6bvhSJAiEO_r2&sig=Cg0ArKJSzGyr9fsAvKtNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2128&vt=11&dtpt=1945&dett=3&cstd=180&cisv=r20230206.41256&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:54 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 943C 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa090378f8d8877e444a5adf5ff4a0e156f990f9fcb0c67b10c68a2f22c9a6b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5590
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0EF2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFe0bkmQX9fxe8Zs2Eyh-MI&google_cver=1&google_push=Aa02lx-G-RD8OxGQ7BnHKw0jxUo1bYvZ5wndlJVGSYXQj1A0YwYY8btRsyXIGuOhoX5eo3qjindKt4y50ChEBD37tf9PDET-rzR5ug
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA0NjM1OTQyMTM5Mjg5NjU3OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ7DCmd-KbsT5PdySJT8TYo&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ7DCmd-KbsT5PdySJT8TYo&google_cver=1
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEJ7DCmd-KbsT5PdySJT8TYo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0EF2
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SHZldnF6T0MxUHBLbEU1&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SHZldnF6T0MxUHBLbEU1&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBWLvLGVejZ0AHrD2ISUttD9EkMXbHlAXqtlnGxD--7F9fh0X-uRHhx2
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=SHZldnF6T0MxUHBLbEU1&google_gid=CAESEJca3708pxt4GxBrgYIAiC0&google_cver=1&google_push=Aa02lx9dEfA-CIFzeZYH--3oTTUEmWbVFN65np4hpQvbgBWLvLGVejZ0AHrD2ISUttD9EkMXbHlAXqtlnGxD--7F9fh0X-uRHhx2
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0EF2
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpG...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_T...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_9e_kBFfekKP5HEE5y6xUiOc7y_8Hx671uZd_pfLlBrenhwPAGRU5Xo68ShwAZHLkNtc4tP2Dw2gIv8okOVZt_TpGyjdQI
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0EF2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PnZsx9x_Ryyrza7PSMv74Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PnZsx9x_Ryyrza7PSMv74Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-h8v9rbStyt92pbQmpI7b_33-LykwyMM-1iuKejjy_7XlDVsRsc3DYDFFKOc_y-ROuVm2sT8aNlq_HVkdqIBOHfZ3NvU_ifQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PnZsx9x_Ryyrza7PSMv74Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-h8v9rbStyt92pbQmpI7b_33-LykwyMM-1iuKejjy_7XlDVsRsc3DYDFFKOc_y-ROuVm2sT8aNlq_HVkdqIBOHfZ3NvU_ifQ
date
Wed, 08 Feb 2023 13:18:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0EF2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_hm=Y-OhOpYZgdQZ0MvM4CvzGQAABI8AAAIB&google_nid=index&google_push=Aa02lx-ahpchiHjqOojGsJw9Z5zgmLjaEiAlU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_hm=Y-OhOpYZgdQZ0MvM4CvzGQAABI8AAAIB&google_nid=index&google_push=Aa02lx-ahpchiHjqOojGsJw9Z5zgmLjaEiAlUp7uc2Zm5xmkvUmmeHLPA-eYinY5qPwK90s0GLZzFHzhqj-8v9tFhc7HTmcbbZydsQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGXda5xfo%2B%2BsC8AOL3F1bhgnJgTDDlgs%2BddOwOmoBIav%2BCN%2FsK0UBPkwpaxlfCf3sPCY%2F5YTmPvK3%2Bpmjj648hbRW9bFU7b4JmWiIImdJ95sFC3blK3HrzPVETtQ7bXGTkNKTCVxpWtmKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEIxBUnVy0FbIHMG1GWP8ebE&google_hm=Y-OhOpYZgdQZ0MvM4CvzGQAABI8AAAIB&google_nid=index&google_push=Aa02lx-ahpchiHjqOojGsJw9Z5zgmLjaEiAlUp7uc2Zm5xmkvUmmeHLPA-eYinY5qPwK90s0GLZzFHzhqj-8v9tFhc7HTmcbbZydsQ
cache-control
no-cache
cf-ray
7964a76449a22bc5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 0EF2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2KclVvLniqpSU547arA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2KclVvLniqpSU547arA
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-Kak6o4Q9j-fRm1ZFLGI33XAgyqkQO-ca3J6s8Bl_w5ollW4if262Acr2N7mrdcT3hxEnlH6hqREw2KclVvLniqpSU547arA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 0EF2
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx9meAr8bo4R16IJg57aJdxIRaGr4LJpWruYAJUo2LsSHetpy7QWlvV46_YMGBnZoI8Pp9azzT9Ii7c...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9meAr8bo4R16IJg57aJdxIRaGr4LJpWruYAJUo2LsSHetpy7QWlvV46_YMGBnZoI8Pp9azzT9Ii7cdeAulJc8_EWQFkTWwtPY
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0EF2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkbFWVnT2tJdd-Yvt7pySZteU68wlzEEb9QpcM5rFj0bmXzInngJ24Iiu9svwjBJTIsaXoLQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1C0E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:54 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 220F 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:18:54 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 220F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 09 Feb 2023 09:35:36 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6DE8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 916A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6079
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ3vTUaP04-jHNAFOx3bBF8&google_cver=1&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-Xbh...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-XbhiPyBJ02NvbidkA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-XbhiPyBJ02NvbidkA
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 13:18:54 GMT
Server
MT3 441 9053ffc master cdg-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-u1SOuz3GJD5TQ07L1FJMOBQM8uXwe9s-fJVLa9_jR_ELrJs-zK0rviZnsMZt9svhLu6K2xbz9uG4W-XbhiPyBJ02NvbidkA
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 08 Feb 2023 13:18:53 GMT
pixel
cm.g.doubleclick.net/ Frame 6079
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE70Q4rWzGPZgMHtDqdIfao&google_cver=1&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjp...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5Nzc3MzkxNzEzNzkyNjI4NQ%3D%3D&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjplBnE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5Nzc3MzkxNzEzNzkyNjI4NQ%3D%3D&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjplBnEWzw0Q8i6Vx6w
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5Nzc3MzkxNzEzNzkyNjI4NQ%3D%3D&google_push=Aa02lx9wcYlffE1XfqHTy4hFqgus4ycOBZLofZvos0Yo3SGZQG-YU367bTiyftOoUH9SpWHv0Un7RYJCX5IZjplBnEWzw0Q8i6Vx6w
Date
Wed, 08 Feb 2023 13:18:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 6079
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeK...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESELRPgkdi1yXPnMxek6ZgAxQ&google_cver=1&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ue...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx-K1Wti5AyhiHE8a1ppfzx7GbvMg2DH0oEMxEgYMMIrzrpO60ROe4w2j8kH-D6mGOUfjzFwnoy32K7ISy_9Ti6ueeKD6UHo_Q
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6079
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-zAbsPtvdV03DJgdG3NK5OFaNHAP46FBOKuSvBraxC_eVLaXUTadD9OWf0Tjg1IoYIdHZAnkwDLJtu3tIKCl0w3PGxCTnl6Q
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-zAbsPtvdV03DJgdG3NK5OFaNHAP46FBOKuSvBraxC_eVLaXUTadD9OWf0Tjg1IoYIdHZAnkwDLJtu3tIKCl0w3PGxCTnl6Q
date
Wed, 08 Feb 2023 13:18:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
ssbsync.smartadserver.com/api/ Frame 6079 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEINw3bevT9CbnWpl5u69_DE&google_cver=1&google_push=Aa02lx-o-1rPYpsm832Rra3urdlCbPFNsAbz4k7XwAEK42QOzkqsBQzQrSfspvgufmwB_jagZfbbLuAmE2q-MFlbDJsqwS7ybgZc
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.153 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:53 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6079
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELJ0vwfvyJTgkQIXsyR7aHw&google_cver=1&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZUzvllFHwpQRPuzQeYd...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZUzvllFHwpQRPuzQeYdfBBSkGdVc51CZ8r6bVlsPQvMONMk0
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx_TQmYfTdl1H1ig4wzoTef17vfXiZBKlz5hWaPASdXnX4xcj05ZUzvllFHwpQRPuzQeYdfBBSkGdVc51CZ8r6bVlsPQvMONMk0
date
Wed, 08 Feb 2023 13:18:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 6079
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECybNyDKK-pWtdPA8L-v7kY&google_cver=1&google_push=Aa02lx_VsywKiNuMFXrzFwfPDQJCO7vUytqd4bo8kYM7TK1bf0QozoU-LShLQpeQH2uaLQZ5XoDoU67i6UW...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_VsywKiNuMFXrzFwfPDQJCO7vUytqd4bo8kYM7TK1bf0QozoU-LShLQpeQH2uaLQZ5XoDoU67i6UWBo6Q2fSiWP1YXUFWn61M
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 6079 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgUoCP8dW327N37yWoSNE8-LKyXjKUXZN0Xqw__ySwHctq9H7YhUW3W-M8e77ceCECiQGtfvQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 943C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:54 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame 8AF6 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hfS0dCtqLYta0znrLugxpW&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16722942388&DVP_DBM_4=418318611&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=167055432748&turl=https://www.flaresenha.com/&DVP_PP_BUNDLE_ID=&dvregion=2&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
csi
csi.gstatic.com/ Frame C6FF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ldvp5w5t&c=1636428821851&slotId=818214410925.5&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D68B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOguwQQDm-kmLfdJmaMcAk3lQARnv2s1sR-wzR_6eTeF_PHae7Pfu9KeYZPU5Sq2YdDsN7b4B4NTlsVAaoABNLmkys69mZA6Vwik70wEA88Ycx93MZUo2tsTXuwqPP8AB1gIW4irG4vyS7LBtUalePNszcKSgvXlhKywvkVNjfUZWN526eRTvMjz-Jl4rtOzmys35EFjwGT5MOglAsCAl6gdVMCo0UpFxqLwctMfKlfmnQaNkLVC1NTDRMgncjXBpPXeR75BxILOONipqr9RNxtrfWBgYOTKKNw2IZGtjd1onRoO6Uqz2c9W2FWbMMZfv7ftCXlk5WSgTtpn322pu8B642vpm1p0eEUcQPi0bpaxeJQ8_Er95pBXJGnLP9oxlJWBcftCcZdQq7hpV6xk2LuAnDmoLIGijIWDVMXE5UW5TQdxhoj3f1U76eFA-wm5u5A6sxzqezi_npIAhV2Xt87MVNjwfCx44FshJxcFHze0WCbUc3O2S2JBJg5GATDLIskB_AJ9bo5d5bQBC-qGm21SoaNZjIWLCe_QTdnj9M7mxLV1uU8-K3N9GvUaG4DlXRcFMQWAR4Sd0VYl6BDQ3dQyIzXeAb4VA9k2nUnsI8Qoo4XLEd2c0nMg0dUvxWcXrMhwJg1Ro-aYpRt9MYy7rABdtE6VOXPJMVkVyPUxe-pwFos9V-2Df3MGSihexrDMQirk7z7OQOd2xCMUD3txzjqClSdc4cIYRyBCNdRFP_vHIEaZPIjjYEoSRcn6QUvuRxzVY71DcJMGAsVghLQenxNLAhk86ly0s06G5NUj1oAxt3YXXYW2nxF4phN7xFArj-lfC89uIyBV2WDFmCHw_Vg5JfRDNTU3Rv5ziF93sd0wwDbufSfWyhTEUJ6ZhFAzKCnRZGRCEIM7FVdXVlsrwid6Bs6YIfHmACISSAIzG1lvpLeHd5aXbXp3G_DHC1UMAJ2PxmbJfn_ynfjrNzZAXPup3RjxC8Yji0nsU-3_uQCUZCwmAPgLR8f1Ry6QUxMGoSJZr01lSJm9h_mvqkZq9tAdMY_X0Or225tRG4lYw4TwAvuudPWLv0e8Ttl--bEaRuHMA_fL72I74trKeiT84AYvBQsnu6loQ1XMv4RjXoPEE9fHMNZvAlXRtwGukPm8NVhkGfocLRxXMV7uEPOWklJLOeMCTWZ8BxFX3z78Qxrqfqv40DBKCMa21vKBVub-20G9xh58YPd1MR4iUfWo74Pz5CCTsHTRLPCiuhxw69Bf8qYo7Y_sadBsaqPAXjIDMsOEqtFjeRUKsm_nAdguGNXRhdS_5FR8UgDzKUgoJ6ag-6lMfteIPUeqtQ&sai=AMfl-YTjwhE-R3FQGVUrwTGftzHDPg_K_LXI62s5Y1_FatU4IlfMAyBlh61gLvBVbs3LJvr6_DiDYhQ2rx_0q33PXGzIyRi53la7rjGS3Dtvh8XgkcSgoaHa-UpBvK0oMk7Zk4mOhfyJ2cL8RkIQl7Abw1YR6QoqeVA4rTicQifdHisY63HjA560LP17QuTLrR5bFhMTV944S8hYi_-ZCiy3prxoGa4UP7XNw3x_Xousw1UbCcFzEq_P9R9mYPXF6WupoDDT&sig=Cg0ArKJSzM0CCZwq3g_TEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1076&vt=11&dtpt=543&dett=3&cstd=513&cisv=r20230206.66805&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:54 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame C712 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:dc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
12087758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NdehxJKPgVhiC_VZHImBQqACBBYg85IzkOUemZC1qDepKL9IJH3-rw==
mon
pixel.adsafeprotected.com/ Frame 6E56 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=18513647035&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://www.flaresenha.com/&adsafe_url=https%3A%2F%2Fwww.flaresenha.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.flaresenha.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:860e11e1-8a75-11f9-c8ce-040dcc88602f,c:3Dr6dj,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-846cfdc89d-bc7dk,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:464,mot:0,app:0,maw:0,fm:tvhhz4R+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:489,oid:21f0b17f-a7b3-11ed-a173-d6d0a23da14e,v:19.8.390,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.83.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-240-83-138.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3D1A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6ft,pingTime:-3,time:622,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:623,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvhhz4R+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489%7D&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6fv,pingTime:-6,time:624,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:625,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvhhz4R+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489%7D&tpiLookup=ao:www.flaresenha.com*&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
csi
csi.gstatic.com/ Frame C6FF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ldvp5wzc&c=1636428821851&slotId=818214410925.5&ghmsh_eids=44747319%2C44748969%2C44765701%2C44777649&met.4=ghmsh_s.ldvp5wzg~ghmsh_s.ldvp5wzj&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=2iToD6gt-wgus7qk
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 05E7 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2859759093507&version=m202301230201&ct=77&x=1&cor=13437442914832577000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C6FF 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-2845463438153782
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 12:39:15 GMT
x-content-type-options
nosniff
age
2379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Feb 2023 13:29:15 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=COvM1PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcuNFqcnJV9kdKxQXX16uMa2e4Jr5oX-Tuu-ipyLefibArq0t9rTB8kcArOEZ9cAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxsQmg24Wu3dm7r4AKA5gLAcgLAdALDrgMAZoNAQ7YEwvQFQHiFgIIAfgWAYAXAQ&sigh=7BbaMuyYBm8&label=show_ad&sdkv=h.3.554.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiMQDyUAAHBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C6FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CJNLePaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQv9qOA6gIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsBwhMGGNTFlo0p2BML0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=ZSKrq-3ZO-w&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&vt=10&sdkv=h.3.554.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiMQDyUAAHBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
truncated
/ Frame C6FF 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 4D08 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
verify.js
rtb0.doubleverify.com/ Frame 8AF6 		1 KB
901 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_925785778148&jsTagObjCallback=__tagObject_callback_925785778148&num=6&ctx=14526021&cmp=145089&plc=vtnwou&sid=45f3d18e47f96c&advid=&adsrv=&unit=728x90&isdvvid=&uid=925785778148&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=110&bridua=3&dup=null&turl=https://www.flaresenha.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0hfS0dCtqLYta0znrLugxpW&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16722942388&DVP_DBM_4=418318611&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=167055432748&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=19&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETar9EEADTbpTauTaub5h3h54g3eab_3c72hgfeg%603c22327bh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.00&callbackName=__verify_callback_925785778148
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
616e51fffe55c74ff51057d54fa4af49e0dd6ed882e312105a14d5f343f86362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:54 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
02/07/2023 13:18:54
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 6DE8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6ia,pingTime:-2,time:789,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1545,beZ:1547,mfA:2009,cmA:2011,inA:2011,inZ:2016,prA:2016,prZ:2027,si:2034,poA:2035,poZ:2055,cmZ:2055,mfZ:2055,loA:2170,loZ:2175,ltA:2334,ltZ:2334,mdA:1547,mdZ:1583,idA:2055,idZ:2158%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:789,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B167~0%5D,as:%5B167~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489,sinceFw:299,readyFired:true%7D&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6id,pingTime:0,time:792,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D,%7Bpiv:100,vs:i,r:,t:792%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:791,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D,%7Bsl:i,t:791,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489%7D&br=c
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 6E56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstDYZiW4d1d3ow2w3xrvzftK_9mEM2JORMl_gbz5wf7NFnEh7G84LzvLYf0i6iE3Kgb2t6_7m_i4HRNors6LduOPvgr3fBQvxSqY-S-7w-oc_qYt_vU9kisDpkNP0cy3sTviolLmSlyOuxETrVVtPv1NAw6mnauhhJg7CM1_3V0T21Kfds5p3cScI4qrWqJd_L1kDnS-E1DOQ4U_BzhJ_mfx3eJlTk3RsMP7jbCoXjRM6KKDR9m8hJ91n0hAc_wlpjbCbO_ayFvgQs-Jyagjgqy4icldCZ8VNK1Dt7hW84vuKLw1ghWML7ZXxXO1AC6oUi5EVecGy3mzj6cdK5r6Kal5Mz8u-yMajF5mAKNdvzqLId-PtfBK_uy1N6HCQDPorucXB4Y_SBENLqfz8lFgP7yxck6TvH4U0HkIykphzYzVoyjE_zHJWtpyNA2VxQNGDK_IvGmYIpBl3WYrbXaNNwduWcauFDcEPngHNonWWJ2Oq5PTHncBKDNBWzd_Gwil57TY_ONow7jWaAxbxioYBuFPKQXdc3HNXSCq_RZ8gu8qWNaSbw_B0IfjJNKLifDMudEF5u7JvJoJos1PvsCfxG6o7nT60jdSf_firwKQekLOQbzGT9LWPZAEVTwIdFtaER4Aien0TLD9mmnBzhGiY0maL_VblkRLHqo3I8G6FFmmybctwS3F8aJFHjFxJzXJUhRjH74HHh__p4CFcxqrDK82vLc_ZNVSvm-Q3MFI0a3CiFJ5JPVXTHg5Bug_AiV_JFkSRFo7BN4qUrCkN2gVmPUA2UCH0ZH97DlO1SmkwdkGP-3lcQTR_nw6aN_ulsuXW4rsfbTCpptf-uChutK8Gpu49Z-tsRqxX5wCgEIJ2cDxI0_HhJl5KPI8cXmFDYHMXtMWwlem9GNPIc08TP6HfS-xbsEGPhjouF6omy3a2J-mlw-qvUx49KjTPV5Y96Q23oeeVwtmQYgoD2_HSZwVIS291GVX1hkHRyfUzwrZnCAIqMKXQKt7wtdP8fsbnltVzjojT1QPLJ9XiQ9_Zda2op0hVOS5qmM-Z4M-VGgQqNyyPYVwjGJYjb_D88z7qjWu6aPlSSbLfkPuGKuOneaQ2bqSt6HdMQcRubgF-U2K36PJXbjLURYnvOGj8ebk4OgpyFbE5P8PHCsnZEGO9iDOEjWaN1FjPQPPdGvdRjFasZElFe1s14rI1Tr4X7MAaHjfhLnEYHYeD7uWIp9Xy28VWu62S3MvRT1lFwHTwx2hx4sZTRTU_Xnr9D2XOUsue9RfdtcMNRg01gaAQO4Xtc1Jl4pNKHCars850MJkgOhEFx6CCYJR4m31UYpHsOfEuZjhg&sai=AMfl-YQqgENKHUGV1RDtq_xqiGfolapYHfMZlpeY4HNSK31HaCEg_GKcVBo230S3jq1ouBQ7cO_rHHLCVy7bFNll452tLFxpiVDg8YYveATkQ1IrbahwlOfOl9n2arjwk4g5zeHFELMUkyjX4FSjfXVYxbauyruiaPKulQMYqsrFWcnpTWuSMhjmimbPCPtls2BHEQIjrnZqQ07UZFQ6dxSYoODVyus-_1MijDoEud3U4Pz98GUE1uky5db1GXQAYisZmA7L&sig=Cg0ArKJSzPG4eQb_R48VEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1294&vt=11&dtpt=733&dett=3&cstd=554&cisv=r20230206.29925&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:54 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~ldvp5ua1&c=1636428821851&slotId=818214410925.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6FF 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.554.2&e=44747319%2C44748969%2C44765701%2C44777649&id=ima_html5&c=640078681637213&domain=www.flaresenha.com
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 757E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 916A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 96F6 		1 KB
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:12:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603
x-xss-protection
0
last-modified
Tue, 27 Nov 2018 13:48:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:27:46 GMT
cta_deals.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 96F6 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/cta_deals.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1864
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 07:45:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:31:09 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 96F6 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:11:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:26:16 GMT
300x250_40_prozent.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 96F6 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_40_prozent.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2911
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:31:45 GMT
300x250_head_2.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 96F6 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_head_2.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1326
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:31:45 GMT
300x250_head_1.svg
s0.2mdn.net/creatives/assets/4722971/ Frame 96F6 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/300x250_head_1.svg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:16:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2030
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:31:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:31:45 GMT
mob_320x50_kv.jpg
s0.2mdn.net/creatives/assets/4722971/ Frame 96F6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4722971/mob_320x50_kv.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29578a238737a2f109e6ceea51d70a3bacc34064dbc76e859ad3c6e5db915dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12786026858647040320/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:08:21 GMT
x-content-type-options
nosniff
age
633
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20100
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 09:56:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:23:21 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8zMTAxNDEvNzFiODljZTMxMTk5N2IyZ...
s-img.mgid.com/g/12016692/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12016692/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMS8zMTAxNDEvNzFiODljZTMxMTk5N2IyZjZlNzVhYmVmN2E0MjYzZjEucG5n.webp?v=1675862333-deg4Su_h3xQ3viaL7eurOX9x-g-0mBCnGsYmAEOPxqM
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a157ebfa6a64f5d184cbc3280ced7fdd0bcd990e2ad1075a9c0f0a70def5b28

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 13:52:59 GMT
x-mg-request-uuid
6b411864-b0c3-4c6c-9d96-6bf8c83e3348
server
cloudflare
age
2606430
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bac8bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14502
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjk0LHlfMzI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwL...
s-img.mgid.com/g/14339863/492x277/-/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14339863/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjk0LHlfMzI0L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzMxMDE0MS9jMTIzYjAyZmQwZTUxYjgyODRlNTIzOTJjMzc1NjU4MC5qcGc.webp?v=1675862333-4a5C-R_yCQVn8UrYYIAA0Xn2icBALDUV1bVd9ZWJNTA
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76500fd6c6f9f00c027f2eed09ec3ffc748b6b6ab777225bc6347af08b0c6740

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Thu, 13 Oct 2022 22:55:20 GMT
x-mg-request-uuid
acee139f-5c05-4d94-a34b-efc362c89995
server
cloudflare
age
2607268
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bacbbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18626
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvODg1N...
s-img.mgid.com/g/12658922/492x277/-/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12658922/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNC8zNjk0MDMvODg1NWY3OGNjNWUxNDAyYzQ2YmViNDUyZDQ4Y2E5MjkuanBn.webp?v=1675862333-xbv7W205SwzD7PR0A36peu24abjIi8UkLN3NEVE0oRY
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c2ac986201217f1574d4f955599ce363f44e6fcb3eef4184fb6a21539441af

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Sat, 09 Apr 2022 23:29:29 GMT
x-mg-request-uuid
41aa5c72-44db-4b63-a43b-8e7dfa063696
server
cloudflare
age
385227
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bacdbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23704
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8yNDIxMzUvNmQyY...
s-img.mgid.com/g/15314680/492x277/-/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15314680/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC8yNDIxMzUvNmQyYWNjM2Q3OGE0ZDEwZGVhMzZiN2VhZTg4OWVkODEucG5n.webp?v=1675862333-i4i4UTl8lFbrW3Ef5G9oGkGKjSDTVE2fOsRkmY41dEI
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7757ce4762834d6a9f396900a9ae071a02eac623dfbd1eeb0667b7c1226d00

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Feb 2023 22:47:53 GMT
x-mg-request-uuid
24d8338d-201b-42dc-b7c9-242143473e2a
server
cloudflare
age
138406
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bacfbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36542
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8zMTAxNDEvODZmZDA1ZWRiZGIzZTg3Y...
s-img.mgid.com/g/9591944/492x277/-/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/9591944/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0wNi8zMTAxNDEvODZmZDA1ZWRiZGIzZTg3YzEzMzk0Y2Q4OTRjMzAzMTYuanBn.webp?v=1675862333-2GN-XztfT9ROfErjK8Us2q4wGItw7nZN2tdLWNqhsuo
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d52da323f1ec2e2014a666f7755ba95f98613c27ddb7872e341f123a04606bc

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 18:54:01 GMT
x-mg-request-uuid
06b2eef5-8536-4467-bda5-f84bd82a4532
server
cloudflare
age
389221
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bad2bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12242
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzMxMDE0MS81MWJmNmNlNTU4NDg5NzlmZjRiN...
s-img.mgid.com/g/9355708/492x277/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/9355708/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA1LzMxMDE0MS81MWJmNmNlNTU4NDg5NzlmZjRiNDFlNjM1YmU1YWQ1NC5qcGc.webp?v=1675862333-9uh-r3-hl4vnK_Fufz8cDm8stoR0SzgQqACZaXW2UBg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c184938868342f29fb32d3fe9be380ed171a0dc25fac11fe3c3e358968098f7a

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 16:01:30 GMT
x-mg-request-uuid
a3d2348d-2cd1-4754-af92-6289bb5374af
server
cloudflare
age
2607295
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768bad4bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12958
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzMxMDE0MS81Y2NkY2MzZDU5MDRjNmNkNDNmY...
s-img.mgid.com/g/9591949/492x277/-/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/9591949/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfaW1wcm92ZSxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTA2LzMxMDE0MS81Y2NkY2MzZDU5MDRjNmNkNDNmYWVmNWU4Njg4NDEzYS5qcGVn.webp?v=1675862333-unwcf6dxKjb8y20wAYHFdMoYI38ll-BixEUqDPEK3tM
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add24724c880c66c78a7488eef272196822a2f1baf47f13e6c2b2cf320082a26

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 19:11:17 GMT
x-mg-request-uuid
13d53aa8-53a9-4bf7-b40b-76e61c42e477
server
cloudflare
age
1051423
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb17bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39340
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTE4NjgvODZjO...
s-img.mgid.com/g/14348425/492x277/-/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14348425/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTE4NjgvODZjOWI3NmRmNGYyNzc1ZjE4ODQzZmRkOGYyMGEyYWQucG5n.webp?v=1675862333-PomBINk8EKeqei6wEjz-sY7Rxk3VCW25yiUbEn115DI
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22d85a2c5f87dc04f5076e9a5bbb387676684f544af47df48326056d77d6d25

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 07:51:19 GMT
x-mg-request-uuid
af7a02fd-b2fb-433e-b6b6-f8ebce257b38
server
cloudflare
age
9126550
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb1ebb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7250
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTExMjYvM2M5O...
s-img.mgid.com/g/13813992/492x277/-/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/13813992/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC83MTExMjYvM2M5ODRlNmM2ZWJmOWE3ZGFkNzI2NjU0M2U5NDRmZjMuanBn.webp?v=1675862333-wPxaJki9t2y1J6fEjVqgQcPtbx2BlbYWrc4LM6qkJ7g
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
263c4fc9e5cd140d6a05b6a69429e70bf47b494701d07d4814294f88d3742596

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 08:48:04 GMT
x-mg-request-uuid
3356f3b5-b88b-4239-b236-56ffeb365985
server
cloudflare
age
186230
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb21bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19264
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC80MDU0NjgvNzQyZGFmMzEyYjNkMTk1N...
s-img.mgid.com/g/12403558/492x277/-/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12403558/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC80MDU0NjgvNzQyZGFmMzEyYjNkMTk1N2I5ZWQ1Y2U3M2I2ZWI3YWQuanBlZw.webp?v=1675862333-_ZRqzX3i5APmLnE_FV7YWvKNWTNuHS0yXx0Be1aGjvk
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e514e934e339021255374a8441caa10fafdfc8e5886daf3f807ce5a7f9e4191

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 11:01:41 GMT
x-mg-request-uuid
b72b9f4b-3436-4a36-a64b-5b8b4d49414d
server
cloudflare
age
8009
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb25bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33172
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMi8xMjQ4NDEvNTM3Y...
s-img.mgid.com/g/15313192/492x277/-/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/15313192/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMi8xMjQ4NDEvNTM3YzVjOGExNmU0Mzk2YjdiOGEyZDJmMjc4ZDRhMjYucG5n.webp?v=1675862333-cLyfAZUUkmuLtn4gh-Uiqkh54k5_aAvRoHHmBw8cjyk
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bbe7b5f249bfd08815fb3fcbf17b657396e30a9bf95bfae1b99bb87ee240590

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Mon, 06 Feb 2023 17:41:32 GMT
x-mg-request-uuid
9912333e-bb8a-4c76-8b01-7c0c0556c71b
server
cloudflare
age
157016
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb26bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
33996
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC80MDU0NjgvNTdhZTM1ZjQ2MjEzYWE1O...
s-img.mgid.com/g/12403561/492x277/-/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12403561/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMS0xMC80MDU0NjgvNTdhZTM1ZjQ2MjEzYWE1OGVhYTE2Y2Q0ZTdkOWY1ZGUuanBlZw.webp?v=1675862333-c-62EYXw3ZNP5J-Mz645cnlSgD1ZH8WG17Xq2tkFIxw
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce961d6fe35f8923aed93d1746fe61b6caf48b80daef3aebfadc2d65b5ec8530

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 11:01:49 GMT
x-mg-request-uuid
bad9ab8b-40be-4b60-b879-9273d5b831fd
server
cloudflare
age
7896
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb28bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21062
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNTUyMjkvMGY5N...
s-img.mgid.com/g/14226125/492x277/-/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14226125/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNTUyMjkvMGY5NzAwYWRkZDRmY2RlOWM3OWE2YzJkOTlkNjA1N2YuanBn.webp?v=1675862333-UUvjPkn6inWvTueTTYklgLGZrZuya-bx7tEay3WIz68
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e245098894c43ccd93ba26f271fe0b521dbdeb9dafb99034d94c5f418e8103b1

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 08:12:16 GMT
x-mg-request-uuid
0ecc40eb-ef11-4446-9138-e236d7e34068
server
cloudflare
age
61597
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb2bbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23302
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi81MzA0NTMvYjQ4NmIyYzdhMDllMjkwY...
s-img.mgid.com/g/12272113/492x277/-/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/12272113/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMi81MzA0NTMvYjQ4NmIyYzdhMDllMjkwYmJkYjc2ZjA1YjY3ZTIwZjYuanBlZw.webp?v=1675862333-JtbnYsI5E0h9esczduhhO51zUcAKHkFD0BdErKFdj8Q
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a47c4e1b4122fe69ace029049f6f1a8834e53318e2010718cf70cf1d15dd429

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 16:23:13 GMT
x-mg-request-uuid
c12a7580-6b0f-427d-be54-3a6c39b463a1
server
cloudflare
age
74951
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb2cbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5328
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNTUyMjkvMjcxZ...
s-img.mgid.com/g/14256106/492x277/-/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/14256106/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNTUyMjkvMjcxZGE3ODg0YzcyY2JjMWYxYTk4M2Y3ODg3MmI4YjMuanBn.webp?v=1675862333-gX8vXQ5SvU45KMyZdb3KiSOrXQk_FWWSvf4YLjUWs6M
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6851728d133089ee1e2c81db4467283ee4de402ffda2a7202d39aefe2c70a28e

Request headers

Referer
https://www.flaresenha.com/
Origin
https://www.flaresenha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:54 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 07:41:16 GMT
x-mg-request-uuid
4c7b0874-1cf5-4ac9-b4ee-93caa5bfb2d3
server
cloudflare
age
106299
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
7964a768eb2fbb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14300
videoplayback
rr4---sn-5hne6nzd.googlevideo.com/ 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-5hne6nzd.googlevideo.com/videoplayback?expire=1675891134&ei=PqHjY5qVAYSm1gL74IHACg&ip=2a03:1b20:6:f011::5e&id=0b2ce3ed879b054e&itag=22&source=youtube&requiressl=yes&mh=3A&mm=31&mn=sn-5hne6nzd&ms=au&mv=m&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.162&lmt=1675672561089679&mt=1675862044&txp=5318224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgA5WHWOIfeX_XGVoM5GnlKkOfwgRwNmaaymoL7lekGagCIQCi6vsi1RzXJB1ST71wbftK1dszCqJXTQVwxeMv1lLL2w==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALBheaUSwHBt1Gq-3DXMMBqju78HV1gkM8a-ZJdmqripAiEArDGwu4QJsCIZoFu324jAZ7u19J1W_sD87p4KGJmbhzQ=&cpn=2iToD6gt-wgus7qk
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:13::9 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
c7211fa67efca4033ac3d5cd647b80451900e24ebe3f43feab9411332b3f72e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.flaresenha.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 08 Feb 2023 13:18:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Feb 2023 08:36:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2028229/2028230
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2028230
Expires
Wed, 08 Feb 2023 13:18:54 GMT
dt
dt.adsafeprotected.com/ Frame D68B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=6aed40d4-362c-749e-7fe4-618707a7622e&tv=%7Bc:3Dr6lq,pingTime:-10,time:1353,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS43NyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675862334848%7C%7C9955c309cece6872cffa6091315601e7%7C%7Cab5c22841446b8290841bdac13eccace%7C%7C5cefca25dac62c85c5a055eb1d56fb2b%7C%7Ca9d9ec1ed0206e1bfef4e2a297382f9e%7C%7Cae2e7a3248ab2d92c0752f64e6da60ca%7C%7Caf52537aa08cec663769bf93f9d0e62a%7C%7C52fc121c74bbaf62177bdea831ec5159%7C%7C1663701684,im:%7Bpci:%7Btdr:789%7D%7D%7D
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F9 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5725975146151&version=m202301230201&ct=76&x=1&cor=2630820520763288000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 8AF6 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:14:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10632
x-xss-protection
0
last-modified
Wed, 01 Feb 2023 13:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 08 Feb 2023 14:14:02 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 3D1A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdccDlxT7GouWmKZDHnbhcmw0lfBRGCUXu5FIWJblWVH3Gq7EOP0uCXD9bdUhx4OUB86hzPm21VBWnAT-S6SzUYckieWdcyy1TTuPPKa-kzMmm2CdoZhKJC31UnVQXNlGu0Jn-Tg&sai=AMfl-YSK3QyBFzJJt7YoNrEfxuOm6LxBsUtScO_yAXRlUuBgchk65Rx8WjMMj3P9JpAqgxtOyWiLHpqogGfW311cckf2TDkQZUObGsRYDrPPtD0iH-VIVm_3-dK0M8k&sig=Cg0ArKJSzO2TXOQrvsnLEAE&cid=CAQSOwDUE5ymFejyBwxmFQrC8YYmz7IJ4V__2L4o9tUr5QQxjSkb-_elKiespJxf0K7RZ9-ypQ1uzSvDWVMlGAE&id=lidar2&mcvt=1140&p=70,857,160,1585&mtos=1140,1140,1140,1140,1140&tos=1140,0,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=128102006&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675862332312&rpt=1577&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 220F 		2 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
778
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 14:38:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:31:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 220F 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b7192a4dac506356fd04c9d26671a49f1ce9fb546fc930b564b7b812c0301ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5620
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 943C 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6618301976537&version=m202301230201&ct=76&x=1&cor=3275671535494826500
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v94.js
www.googletagservices.com/dcm/ Frame 8AF6 		60 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v94.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 10:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23493
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 19:50:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 10:34:51 GMT
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6rD,pingTime:-10,time:1376,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS43NyBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675862335232%7C%7C8d5be250216566983d650438bc6313d6%7C%7Cab5c22841446b8290841bdac13eccace%7C%7Cc8edd8d029b580cee2fe69dc80d56cdd%7C%7C6b5ae56b2bcbe2e4add25138910bc766%7C%7Cfee0a178881422cd1599470289fa4dcf%7C%7Cca1179f1a857c1e3bb7ef174bc11aab4%7C%7C7b44d0291be5a7eba7c5d45d03c32dac%7C%7C1663701684%7D
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame E437 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQgeDO6HjY8WaLqyrx_AP362H6AsAAAAAOAHgBAI&bg=!q6ilqPzNAAaq5O5FiuQ7ADkAdvg8WsGA_tyzx6DBkKnZYRnM62hBfjpHFw7zSgM8pg99c1RlBRZ51EjanuG720DyI347pM6LE7ICAAAFElIAAAADaAEHmQLgwwrvlXnsK2oPVcuVHkOh2mbBsxV7Qz4fYoIZmkePaCi2iktQ6jQH6meYQbCFHE0QIl6brmgkvi3QVGDKPY2Zag8wBXwInWy2VTxMJ5ZIDE36_qiVGdoOdUXUFtLeVd8Lasp8Ba4WVCY6rHkXxiU0oMzzlERhbxH_iH-A0RlZHje0qjggEoEQhi6yl6ryQkXeZ8diu_7-az2i0jI54UaUnv7koc565P76xSupD-QwPt8wn8W9nm5B9bLjjXTapox0YlV6OW9g6eCrZ8NC_35RVFGUHMo4BNMNZVdNHgJf5PFWz_SAwK8GIB2U1fOjvfZCaIs9FV5cCjkntKXRwJqZxdbW7A2KTSWoxzv0xn0nkK8TV8DkzJKmbZrG7d_xNcZ9aT6g6FSK7Ij9GCooXNYEb0bC9RuwrIZr-M71z0kGZP7ghAaVP6rytK5n3wst2u_IqlBwCXAzc9BPKWAfkFAGtQSymHZP3CB-UvPMRM6kp6RwYy2a-wnw5vgKSXIl22BZ_2a3ebh7YLK2ACkAR38g95ePOl2DqespMyrFsnizrXrzlyNgMjEPGJBr86EkuS2aBS5XLIyZINCMpufhN_ULsv97EXINxBT1-RFeJG9GsireFloWiEVQ4fsLgqPqDdmQPQDvHlBIUSgUXxqk9PUqA7OO_aXGYCTWqfqjsyT14w0txlgkySLhh0HLr9fUHl73phmpW9S8n8AmHbOjgHIyNc_16zCLYiRbC5DY4eyeoDelRE9nICXw_rTodpbTP5Bvr4JtAiOJcB6Fu2n48A0D774vKH7io6DDn8hSOc9z3qaUkjA77HC4QHA6-ySV9o5gqGvjFZY3pBHYzmb2gReDXzL1uBaz06Pyl1WTwxiAq72Sl6ixC599uHPSivU1ZLzYJsr11BnesF8eemDmhWKEGBjNQ4su4R565L6NyZZXm-3MZrxTioqmqMqMbZvacVkcKPfatWHljSeLr92_jSjWQQ
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 372B 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKICPPKHjY7mYAcmH9u8PyL6PuAcAAAAAOAHgBAI&bg=!nJ-ln8vNAAaq5O5FiuQ7ADkAdvg8WqljhOLRFD0UGr9_jlUY-LJcbAngaWgVH-En7QHNEznjwwjb7S-scEWjBsxU6siNL9vltSICAAAEcFIAAAAFaAEHmQLvia-tmQIBPR_4AWwimRk5sak9irce4u5Vo9iDSx-01QUeQNHeFQpfww3xKU-bnM3bpK1p0m5ZYpG2ulJrrC7AVv6AsCx2twmVLEJlFhiZhf_mX1yTLfUx8ya16xR9ESa2QDWOhp1TyPBW843X7xj6XAQv9msH46mw7ZgRExlwBzyqr5znnI2wZcZvVfDqlb6tdBiUONeMbZ0s1Cv5-WAwfTBc0vR0271k-P6UgS-bPw9kHNoyB5F_BJVKVKqVVZP6CUQI7U3hrWsoRaK8iKDX8mfTYuoydcnTm_K7X7w5W5GcM11N76dUFHj5AJjqxrpG8znn35NyNKzKiExDDKmmNKehu5xowfHcVHdmkAPI48tGdExPT0XVAiggBQZoK7cLFKOCl0xQllVVQVFgFcP0BRfeueaBayJ6NZcFeSYLsVD2sS48yL-Hdv7J7KAFy5GMAQuQ5hnRmvHWhSpeY0d-nzXCDLz5byBsQGXVw_QyzOxHSScW-RCHr_KfYr-lAJF-Zk_xrMDAe9k4SWe8Q2AnBHMkCBmwDEBsc4Uwl6wEj3eJ2NpvH6NSIChvAa250FSLEWxj4Qt8y-umHv6WLu6lYMZv_02TqmOUQZev27ucPZwlokEG_WIjKrNeS7iMG8C3ATpnHbY23p3HlPbQqc_xYzYjJ1FUTaX_zdJXlCTZ3e3QFx8DBhChOlD7qFXvsAHD_cMCkXvMbjyLltO4lwaAwtTtuO4fnj6CwrIv9qjx4mSDgbCPN25RC2qLcVys6DxgVRgXy2bh4zRAVk4wNjTV55keMNeJCKs8U4tOAkHt8jDf7xZaS-5cRPTe0sP1kOg2knNQNFoePoIfzPSVnFnFE_hKNUTwGWCKrI8ex_1Dl0fojr0BSf7svrwuZ_ygS7HjuDjDpuKJrrbfwiIxO1p3h8NQk_9eNG1mVQsIwu11XvAf1KAxbPkJNHocKCEpp0gtjgNP_gucybKbtSScgKXEDLnANTVEFO4v06gJj8Refg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 220F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:55 GMT
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 220F 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20ace21a6a85fac08d353bd798f34c2c3d91764b2865a561d32f50a4817c7c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17811
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 09:51:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:30:08 GMT
B9689862.280630144;dc_ver=94.277;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=993985378;ord=oaw1vu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 8AF6 		55 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=993985378;ord=oaw1vu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=181;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v94.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
4fb47134411c0993a163895f909a8d27b38b6f419af4777c87b2cb4c8dd85894
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=COvM1PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcuNFqcnJV9kdKxQXX16uMa2e4Jr5oX-Tuu-ipyLefibArq0t9rTB8kcArOEZ9cAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxsQmg24Wu3dm7r4AKA5gLAcgLAdALDrgMAZoNAQ7YEwvQFQHiFgIIAfgWAYAXAQ&sigh=7BbaMuyYBm8&label=video_ad_loaded&sdkv=h.3.554.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiMQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame C6FF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 19:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 19:19:08 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame C6FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=CJNLePaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwUQv9qOA6gIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsBwhMGGNTFlo0p2BML0BUB4hYCCAGAFwGyFx4KHAgAEhRwdWItMjg0NTQ2MzQzODE1Mzc4MhjP1Gk&sigh=ZSKrq-3ZO-w&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&sdkv=h.3.554.2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D9199,802,9379,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15092%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D4775%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6FF 		42 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDvgdMwKemsbCPb6HPIUzb-4GnXWISti6ZK4hr5uyMGvHZNcUiNwocDvOGtdiLM1G1D6OEY317PBatGR8jZkQ6eMSoMjfDBkdY4lU1GTLBDWTJi0U7CE_SegVl6B7gkJPpRklHKQ&sai=AMfl-YRmJdMtzHwFEULQ-GlRH7f-x1J99luIM4jlkqWGX9JpN2G2GrGswa_7iiXLExsXmOP6PB8ePJq8lcyAgb5ekr8IYzaQAjmfQDkAuWA4kWzsgfmb3tmjOLj6xeo&sig=Cg0ArKJSzG12w8hFijwhEAE&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&id=lidarv&acvw=sv%3D947%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D9199,802,9379,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15092%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D4777%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675862334567&avm=1
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D9199,802,9379,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15092%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D4778%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
www.youtube.com/api/stats/ Frame C6FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?cmt=0&rt=0&rtn=10&delay=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=2iToD6gt-wgus7qk&docid=Cyzj7YebBU4&visitordata=Cgs2QzJwbGZIUGhRcw%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6FF 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.554.2&e=44747319%2C44748969%2C44765701%2C44777649&id=ima_html5&c=640078681637213&domain=www.flaresenha.com
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=admute&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D9199,802,9379,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D65%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D65%26pst%3D-1%26dur%3D15092%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D65%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D4781%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 883C 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_n97O6HjY-OlNaCj9u8Pn_Cl-AoAAAAAOAHgBAI&bg=!Li2lLXnNAAaq5O5FiuQ7ADkAdvg8WlrbgU9tiS5HQm5Z-9b_ZsYK42z28Z28R4STe7jF7JeN0pMgfFF6OJjjqCoYs6d2Cnw2bncCAAAE9VIAAAAEaAEHmQMDzErdmIOswMd9WeiuhmwBROFsA8TxTd-_D3zwwgbg2qq9dLwmTWG1E9gDtTP1j3PHpudfTu0iczifRt9A8Y6Alsjy2H3sb52CEQtqDPkKO2o-HGcMaEv4IkC-W1i71f9fh4zdNv5E1oJvVBwFm-oeSaPVK9dc2im9LROtjLu6pZ1zS3gsr6xqZ9sG7v6tjx_i5bRRSdl4XCC2RX5ZzIDiI1vnlpvyvC8WCYgy0hGBYwlCQHSyFOppjCw3FUqE4Mj3LKJy55lS9hIsbWwsAV6UzKqiH3o9EFpMoXbLObxXJkk7fT1cgo2gfKeNUCd7WK5hpCya2MdU7OQvaaXxsT8x95JvQN1CBfylCy92uhltEH79q2kaM7RnmRRFk8C9OjzCHcXxiTpnBFKXGqff2uYbYNP8zygo3AaF9vNximT7n7i9w3IqCe_FRFZCROgk4u3FzX1m1trcIMCKPSqduWlV6SC0FhafrdgLlt6bTMTHSLtmXSovTAiT4vtUz4zFLKSdUODAqHb8DHYwwxXoT0p39E-t3xdS0a1SFwytzGUnYBsYlox8vPw6duD35Q1iW8PWtJJo2jaLmMLmWxYt5Tog8U3orHSOTQF6uVFi1Ngjd3QPegIDypqpiuuhKeNnhgup7GFWYLMnutPG7T_oVNNsPr3gjUzzERHiSQpSaxBmCyDDN_CkQQs7ZmXlk-PiRUeNiFwuTjNWq6Kz983XJei6XvHWVQVAuXOTH45BY0Ta4F6JrbIWsI3zswdPdD5nXDQAMTTnRcNyAh5j9L4uwVFKgHykerbydyBoW-tq4hGACHAH9_NAboqJ6eFCrvNgmlHINB6cuYiAiyWobjOtGxLtavlWWtV8Q7l5LK0XfuYCKk1rgYPv0IalWavuM9gYK3Qi1pDwS_aWwvdtZlqsWmQ0PA8vyhubqPOr_VVkGuzMk2BFp29LNP9jj0A6-MJhttYFga6HZ4irv6bMaAGXRfFssnQCmWXsl94d6pgidkt4S7FTVR9RyzaX1ZqI6gpl3MnTqydP
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D68B 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6093561375910&version=m202301230201&ct=76&x=1&cor=7817417894427382000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 8AF6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=993985378;ord=oaw1vu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=181;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:54:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
30274
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 04:54:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_FK8NXJawnjs-ek4Ra5wD-D-3RgcBmrMPW0xSh_2AcC1im8dmyzFvTAsoAKYVI1qokivguLgbkLtRD4xpnfe06lC6XHDeo0gOS8hPrNuKB_jcjNzSJ55MG4MUw6o5ZRo4IrqqszlocOPJI9MBzYmQqKuPh0UrJz6UKrI&sai=AMfl-YR1R7gnjO0EP1bMgGqnfWgrI5H_cgpiMl0HUhCjJzDClwL-GeHQPPm1r9P5pNx0fzTyC0QdYMsUNODtrhQJQFGHQfpxydmmxWVKyA&sig=Cg0ArKJSzL_Af9a_8Wi9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230206.08111&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=993985378;ord=oaw1vu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=181;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:55 GMT
16962963768266320094
s0.2mdn.net/simgad/ Frame 8AF6 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/16962963768266320094
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 17:53:26 GMT
x-content-type-options
nosniff
age
156329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34175
x-xss-protection
0
last-modified
Thu, 26 May 2022 20:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Feb 2024 17:53:26 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 7296 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DF78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
expires
Thu, 08 Feb 2024 04:54:21 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements3508.js
cdn.doubleverify.com/ Frame 0B28 		555 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3508.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a82 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc4dfd3949595b18884f31b9c6c199c4c1310c619816e96d428f733176c04978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 13:18:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Feb 2023 08:38:04 GMT
Server
Microsoft-IIS/10.0
ETag
"0be8d7ecf3ad91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108623
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8C0C 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:21 GMT
etag
48472445140208031
expires
Thu, 09 Feb 2023 04:54:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6Bg,pingTime:1,time:1973,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D,%7Bpiv:100,vs:i,r:,t:792%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1182,o:791,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D,%7Bsl:i,t:791,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1181~100%5D,as:%5B1181~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:313,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489,sis:898%7D&br=c
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6Bg,pingTime:1,time:1973,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D,%7Bpiv:100,vs:i,r:,t:792%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1182,o:791,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D,%7Bsl:i,t:791,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1181~100%5D,as:%5B1181~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:313,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489,sis:898,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr6Bh,pingTime:1,time:1974,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D,%7Bpiv:100,vs:i,r:,t:792%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1183,o:791,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D,%7Bsl:i,t:791,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1182~100%5D,as:%5B1182~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:313,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489,sis:898,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 220F 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1840
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 11:00:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:33:37 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 220F 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:06:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:21:55 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 220F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:19:40 GMT
NH_D_LA_Wall-Flower_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 220F 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_LA_Wall-Flower_728x90.jpg
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36fb8b973ca16b28c844f2b17e1cdce0236318f53581b3ce3007d95960be3488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:05:37 GMT
x-content-type-options
nosniff
age
798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82432
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 09:40:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:20:37 GMT
truncated
/ Frame 8AF6 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f22e5a13e3ed485b3993c1333250b735e0d955192f54ac4dd880fce4a90d2e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 220F 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=9FyqKHQ59F&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:15:31 GMT
x-content-type-options
nosniff
age
204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 13:30:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_FK8NXJawnjs-ek4Ra5wD-D-3RgcBmrMPW0xSh_2AcC1im8dmyzFvTAsoAKYVI1qokivguLgbkLtRD4xpnfe06lC6XHDeo0gOS8hPrNuKB_jcjNzSJ55MG4MUw6o5ZRo4IrqqszlocOPJI9MBzYmQqKuPh0UrJz6UKrI&sai=AMfl-YR1R7gnjO0EP1bMgGqnfWgrI5H_cgpiMl0HUhCjJzDClwL-GeHQPPm1r9P5pNx0fzTyC0QdYMsUNODtrhQJQFGHQfpxydmmxWVKyA&sig=Cg0ArKJSzL_Af9a_8Wi9EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&vt=11&dtpt=283&dett=2&cstd=0&cisv=r20230206.08111&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=94.277;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=993985378;ord=oaw1vu;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.flaresenha.com%2F$0;xdt=1;crlt=!wV(MY6L0j;stc=1;chaa=1;sttr=181;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 13:18:55 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 696F 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
64787
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 19:19:08 GMT
expires
Wed, 07 Feb 2024 19:19:08 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 0B28 		694 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=258&ttfrms=33&brid=3&brver=110.0.5481.77&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D7%3D2C6D6%3F92%5D4%40%3ETar9EEADTbpTauTaub5h3h54g3eab_3c72hgfeg%603c22327bh%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1675862336085892&jsCallback=dvCallback_1675862336085309&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.77%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3508&tgjsver=3508&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=19&brh=2&sdf=2&dvp_epl=227&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.flaresenha.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0hfS0dCtqLYta0znrLugxpW&DVP_DBM_1=1861733&DVP_DBM_2=27667954&DVP_DBM_3=16722942388&DVP_DBM_4=418318611&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=167055432748&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1269975474.886571&dvp_tukv=10682218915.92725&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=735634631100&jurtd=3318983900
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.105 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
4ed0e5f7f2781df38e18255e043f49a980bd56d8c0f99675df18c67ac9d7e896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:00 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
02/07/2023 13:18:56
i.match
s.tribalfusion.com/z/ Frame 8C0C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7964a7725a2b3a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
540
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAosZuZVXMk_2hTp5hhxuRk&google_cver=1&google_push=Aa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9U2DOMCMkk8ciVDnsPl-WOH1uKlX3PUnb4sxFoqY1ZvOc0N5tmcfPlyItz-kS6iQVa2K_SEW1nIoL-aEvGwIwLI3zZA3A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7964a770fffe3a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMrL3WbUhtJDC_PjZr28hxY&google_push=Aa02lx_u9ufgE48bbCcYsIB8YZqI8RHXMsxUocBCSihRANdGHODoE2PUxU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMrL3WbUhtJDC_PjZr28hxY&google_push=Aa02lx_u9ufgE48bbCcYsIB8YZqI8RHXMsxUocBCSihRANdGHODoE2PUxU6u-k-D6dxq0tP2Oyx19nA5BmLBqmydhL2KmCUzU2Mp
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220020-HHN
pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1675862336.167305,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMrL3WbUhtJDC_PjZr28hxY&google_push=Aa02lx_u9ufgE48bbCcYsIB8YZqI8RHXMsxUocBCSihRANdGHODoE2PUxU6u-k-D6dxq0tP2Oyx19nA5BmLBqmydhL2KmCUzU2Mp
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEOXINBePrtJZVfy0NuI8lY4&google_cver=1&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT5WllrDweKGcQWKSvX&google_hm=BkvfAFl2SqibGI0jSbVN-aU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT5WllrDweKGcQWKSvX&google_hm=BkvfAFl2SqibGI0jSbVN-aU
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:55 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9FtEWh3OiG2x9QOvZ00i2s74A8oc3JRGiGO65MqAkm4JQT719snoLLsXp_Qq8wjov8nUwIkScHNCT5WllrDweKGcQWKSvX&google_hm=BkvfAFl2SqibGI0jSbVN-aU
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-fzzF-Jw49R1FqkMCohYvZ7x0ZUxGN-0hCgG8efVO71HLGm3fO2u9WxJbabBoqvSGdEi8Iput8eM8sOsSyXVdQKhIQAzU
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=5vbYMwQgTwWJ5QFu1a7xYg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-fzzF-Jw49R1FqkMCohYvZ7x0ZUxGN-0hCgG8efVO71HLGm3fO2u9WxJbabBoqvSGdEi8Iput8eM8sOsSyXVdQKhIQAzU
date
Wed, 08 Feb 2023 13:18:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJGZgCzcaOxWcQ6istUAQHg&google_cver=1&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz3...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERWUDVZRzEtMjAtVDdF&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz34NcLL7akJz8HarJL7MMzPJBA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERWUDVZRzEtMjAtVDdF&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz34NcLL7akJz8HarJL7MMzPJBA
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERWUDVZRzEtMjAtVDdF&google_push=Aa02lx8Fc0w-VQ3Bjb6Dytfx3kwIhMPVPxP2jjR0XwLuFYdHHmoGBsB-VbA61TwspRjEgigcLz34NcLL7akJz8HarJL7MMzPJBA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-c0f7b43e-ac56-45a8-aafe-309e9a1fe7d6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_2oDezoNmw9EfiLvtYD...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&google_hm=A8D3tD6sVkWoqv4wnpof59Y
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&google_hm=A8D3tD6sVkWoqv4wnpof59Y
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_2oDezoNmw9EfiLvtYDsz5vlAwBDXDB2wpdPwsVmblF4evOLVn-cMhoao0h1u2tAFWmk1nB6IrDdSUVEuuASXbV-5Ghts&google_hm=A8D3tD6sVkWoqv4wnpof59Y
date
Wed, 08 Feb 2023 13:18:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXc0f7b43eac5645a8aafe309e9a1fe7d6003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 8C0C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJiDzOFqQkPGqjZpoLYKuqk&google_cver=1&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXaFJi4EkbBJz11u2GsW...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXaFJi4EkbBJz11u2GsWpnqlV5xZ26OZjLyF6iABqu_HeN-g
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1JaEhDR09KRTJ1RTFNYy5CVmt6YXhsRmgwOUZhSkIwbH5B&google_push=Aa02lx85Vdk5MAPI-1yljRrQ3QzF6Ce6dKyuvMO0eI94Ck5_aEE4TuKXaFJi4EkbBJz11u2GsWpnqlV5xZ26OZjLyF6iABqu_HeN-g
date
Wed, 08 Feb 2023 13:18:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 8C0C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I6335tZSWjWSJciVZvHktPsgB0ga3T0UhSyUwUy4RYbPAswbCsoeFJzaqQ4KkfkfvSliFDmQ
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s41-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.js
cm.mgid.com/ 		0
124 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?&cbuster=1675862336154473226618
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7964a7711af030ca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame DF78 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E56 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=118116919371&version=m202301230201&ct=76&x=1&cor=14238044892996320000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 916A 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1vK-PaHjY-GpCsfB-gbFv7PYBAAAAAA4AeAEAg&bg=!Z2SlZDDNAAaq5O5FiuQ7ADkAdvg8WuYMoHP0ZmlimQ6SQZvjy_kOUjI1el7GlrAgI_AoiUQgVB3J6azOswV-kqWUIgAb-wKUP1UCAAADaFIAAAAEaAEHCgCXb6gQ5pr7vv5GyPq4H0WFiLF2oPLhnfzPcjFBiH-OWwbsP5n8aVtuBOYN30yt3mS0NKiieccxKQ9YT6CYjgrUTAoMFAuZ8SrqZBsQL5VH_p5QZsiM0LTX3LG3x4ProqoIbm7ZKIKFaAssQzwhrxe45pZvhkXxKqDZDn2Vp5aywc8WFVL3uMxGTRJBKVoOyDyfPOI_EHwpfJkC67-sMVkGLx_8cKqjx8yUd7Q10X7TXl6ZkpgebIO1ECIH5SsEwq1qFMxHOTGU55Nsx09j7voSWhx3u_aFVgyExGzV_-dshL7LPjxDWH4nURKMEOoWTwt0WkN-Q3LiWe3wIQ-Ba7OPZcoFLkfGlYCAF7kcy4ZbBW7YjbyJbWk1fFNpAIuW20KD_k8s6v6_d2QGgrwt3uOxCCsBlMRjt8dk0ZwrHOD1fJaqeVXaqulvPyOI7n7Rqggiur5uTPwyZnsrVcWfKMV1lCJFqHmPI_3IWK_ulfD4EP32O7RwoGdPqX9DSi5S6gMkr9AgxXAeaEXVDohn9AdkJhvcTjHspGJDcA_PqAaE6-vGUJ-Z1v0macA9K6phmCzQ0Dw6n2N9-wNniWkfBjFS0SHFGFBqa4mCPDJt18oLbjHLYQM5ZrneocGMcax7qhyuVanD36lV-erEdKaOyWQPoXCYNtr3Cc3SZrFyFRua08sNDn1yirWEupP7tI9hDs1fkzJ2V_PXmI0ZTmBGbshe55UV_dSHHOV8sKiT26TU2aQiPExz4pPAEpB7P-X3ubkKkuh45aA9p8on-nggvreDrgNVXofuoOYfF0ZVVfbt8T8AwDMgsvrX7G3WzJow7zf0EpkIXK-XarAvVvTkdGqgAn_fxpRbBUvZ9NiYlZxvhF0mKybmIhjENY4gvhlmdVZUG3awtBFJ01D1OMQRZVhYCQ8fXSI3MvdoZw-iQawpsbE7X-5v0hqfqp4zoMRtGf92mHQLIg3R2D2d2c537x9qQII0JsYm2bXWhwOcgzJspdBotRm9BjXO299UxGSy9EuH7N0z4AaL4VJBjFb0redHH6EpBjtHyhENh0hbaF7LniQZr2WZRL4J0xlNEue8_hm5sH7UURnWMiHJpsQbDJYVthNtPRHfF9_JkqNL50XDEU3KSVBDd-G0sCKjzBnqqwGwhyGJAiQP6R2M_HOfIizkUeQbN6JzPq3hHm9v4tZ2KAcpVGVU6A
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DE8 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhweBPKHjY7GTNIOkgQeq1YCwCAAAAAA4AeAEAg&bg=!KyilKHzNAAaq5O5FiuQ7ADkAdvg8WnAEO_z4Onin-XiLZsWoAtSUKvfQzfd9LUHVZmYqBm7ayTtVmR7YG7uIxh-BA4db29JQKjECAAADz1IAAAAFaAEHmQM6AVRqLCb-RnpU1119zKCWLoKTYuuK-iwpbC4V5RHZNVB-rK-A3fLPx5DLqJKZMTFvxPZbMC6YRPo_w_l5oWauNfM10Gz2mFvcAnwVvs8H3_ribxiFNp4XA3huJlofx7OSb-Gw4ID-awEjfTFEZrgyi0LTgtrIHMTPt8m-vupIw-iL-4L48GkZFkCiHglO7pWLPcgeVL0EoEDjZVfIj_f19mrYNmP9zO5dImLzd_Nda2VPgH79Xz2zP7bQfEo6I_j1eahTJSzFZXJbzwi4IoxUvHfSPZZ6NHSY_189BWbBI0CivF1LVnBh-zsD5AaprHkr1H4dm5hLNaiDigiE9vywd6g7XCIXXu5ojAtKBgJGVTdlpgOaj7adWndtbPIZhp7KBVyZx-ZW_VFvaRGWCbFrpFu89WlShMDARYIDdXyl7oTwmE57huCKoT1LTt4H2_mUVj2ykhPC3c8PXdTn7jQh4Bo2afJle8BCocoObuy9VowP8S5TuHCoLschfZoL1chzm2HEYZzSeuI-HkqrIIt84b5fmAeq7n8VtjApzX21jXHflwzU5AF5u1Z4M3PfnMPOtjxuEJoKri0zPY76Hx71dD45L_tL98fZMs-F4RG_J-2Gu0Z2Sm4dOR6ksf24zhbBXBTCDYYNNhocJ3TVIii5z681aF7S8EjPD7bcN6oBxw0Mgbxs2raVbaxnDVX0GOXB06yeyi65G6ibkhfYifcbZ0Ojo79UMApXafgb8qGQ5jenoRHSb5vaUcGrrH76Qc7jqFLzRSjFKegT0XZBz9PP58sjLmSGcX_wGGH7J7Uvvr28uwPRnwlm0qhVBhG4P7LTMBD4DmH6bMTY7b01D84R0cv3zENADG35mM8rQGNc68-gPvVcWk3oLRlcqsnxhYf9TUULC3iTCcoRSFx9Z1cOA2fK4g5P1neVG9hKMhBixLnb8GauER0_yLbx2_kIxs96J8whhSIA1Qxzk2NEftqFTzNgmzZ0Koeh5hBbY9uUKPZ-7vpprZFBuw5LOBt-AmSaa2ZwaqlzkBHjAJOFpsFYNCjPC40-BSrWCV2gajU75sBwBuTAGW0VNuGuqSoCcUSJQyBbNP0ttbIZzw
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i-noref.js
cm.mgid.com/ Frame 435D 		0
37 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1675862336269400507366
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7964a771bbe130ca-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D1A 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2q-VPaHjY4CDC8Cyx_APo6O70AsAAAAAOAHgBAI&bg=!GBulG0_NAAaq5O5FiuQ7ADkAdvg8Wgrd4NMcT1AIAUUa0lz-0t_QL7Cyw3G8U6vIq5tF3kLVUVwYpsWMwcyUI4HJ3fQRTR6UsTICAAADF1IAAAADaAEHCgCXQhThPoGuFO0cHcsJdbhMMRMCKULltgt-x04w15S0DiC5IZ526a2CBslbcKc5Hi9uMxxHS7Xqy3id0-bmQNb44qMKCksb1Um6V1R6RDnpu64nCkO-5Trf3_SAmEMqc6XlignI4EnaamSVvZHFgFvfBj5r2O0IbIkhDUfPWAcNEkf4yN_g6OJ2kvx5lNX0cB5SlSmE4hK1RJkC5Nihv5RicDDre-yrKgQIronlKccVJKkUikNuIUGSKYwfDG13KwhLs6iOXn7mr23wCz9SbJRAf831koilaQM3pAKfN8kUdrciqzElAcqLkK9BqHexxc6SksS6svwbkzydy3aJVRTkO_nWWNbQ1e_evWQKIdY4SAUWTQKL7dFJxO5ioXSZVPceSLSskZBFdxXSQp-oybED6ON-mdZtVMC9R5bM-lQfNgY138dKSIYyPivSIwhuAube4tVgnWDRs3hSwM3wm9zkdVjK4QlFjw3ltd3R73uZARzaKDHZ5Pzfm9TSexuDXxKUDMWPxH1srNdTTMlF5KydXWDXAsO2t0eoqNB1pguzhhYem2CcAVYGVKyeq9xD_r5VIqIGtDTJoHYt5sc_lT4m19q91-SQ1OcW7cQT-24WFnjpKoCj6XMJn2oQObT-Es3h1EIw50iqtKutOvzHssh3mj4Ygj15NfxhhaImPQqlrimJ-2ca_m7AlMinKxuWAVUda7xtZCCsjC1lX9be3pa_0EH4y8AuBrYZcOxjTtu6wwxNRegtHfdfkypCn56t_rnUSEDsz-sa8tUpQxWzYqgIqgwVwWhKYUeUClRQSSsIuHcP3xHb-VXlBYNabqz4RvMH36CfOAi7h9HhOddlaZ6Vp34zI3kFsAw1_cAyNZ3E3xoRc8Pl3P05xLIE3ziIMuLkJzdIyPBE_ng9D7kDwJ7ARSglpOJEkFACBcw8uPGqar5EVuAhhDxbix4v4VhsbuI-NtBIQN2Sazx6LnExWTRRfi9Te2jjsSSxQ6fabuUIfNRcw2ikBRe3hs4ZoLf3qUjEnFXzQktH4s1oi6BGX6NwYDPi3q12_1z3EVsW2qltVbnv9Tf4PapnJ6fjVANWJJQ6ssd4dFRLnM-X7cjzL67pbJxfAWUbcUnjTpBWGgftTTvvoUhe4cslGGb8lSjWnf9qK0ssqKYxxYeovfevMk0A3ntabrAXUHvaAJn4TkIw
Requested by
Host: 3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL: https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame 696F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a8c5fd5cea47e4a1cc188c8860e1854ec0248956b163cf0d984a4425dd20fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 08 Feb 2023 10:52:00 GMT
server
cloudflare
x-amz-request-id
ESYQWDRXX4Z9HSD5
age
3254
etag
W/"62c74eda378ed4880e3634daa93922b6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7964a7728f0c2bdf-FRA
x-amz-id-2
YgLA0bDSlf6lJX9jw3a1/NDRH59UYxRiWd2kZTsNWp+2CiB0G4DvR8LK+chXuFG54lOdGsjfM+k=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		204 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/j/u/juicebarads.flaresenha.com.1374018.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-193.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
787abeab87ac12017bfcefe96f0ae5eacfa662335f0a970a2280d4893dd082ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
content-encoding
gzip
last-modified
Tue, 07 Feb 2023 12:30:23 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=83498
accept-ranges
bytes
content-length
63055
expires
Thu, 09 Feb 2023 12:30:34 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
997bb39190121881c4227f870f2fe4becbe8f47e9fcee91f665fd98c55eca960
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11255
x-xss-protection
0
conversion.js
d.tailtarget.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.flaresenha.com
URL: https://www.flaresenha.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:20:03 GMT
content-encoding
gzip
age
35933
x-guploader-uploadid
ADPycduXauvcPFdB1h-L7ium3Ew0CDMjNfDqbV5JiWAOlsxl_RPwHiprSO2PglFeO2y1zc2_458IkpfIgZkIFskKMpw2Ys_MB20c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6114
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"1f6a2c178b385e908b632664e93aed26"
vary
X-Goog-Allowed-Resources
x-goog-generation
1663611635525811
content-language
en
content-type
application/javascript
x-goog-hash
crc32c=vQZHMA==, md5=H2osF4s4XpCLYyZk6TrtJg==
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
expires
Thu, 09 Feb 2023 03:20:03 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.flaresenha.com
date
Wed, 08 Feb 2023 13:18:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
bd1cccfe8f5e6ba05240e2ac5fc3e7df17b5c75faeb7adb4bbe7aeb4c81ac2f0

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.flaresenha.com
date
Wed, 8 Feb 2023 13:18:56 GMT
content-length
54
vary
Origin
content-type
application/json
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 13:18:56 GMT
base.js
d.tailtarget.com/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 21:39:16 GMT
content-encoding
gzip
age
56380
x-guploader-uploadid
ADPycdu9GY6LSv1FWMWeJmvKtptagrI8-IHAPGBL61HYX7DHUFRZACifnSlImNcZ_PEdwfpjHZnU4fcarYHUlRSpgvOT2A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8332
last-modified
Mon, 19 Sep 2022 18:20:35 GMT
server
UploadServer
etag
"e3068e8113c8f02d9b9a31f913c7a062"
vary
X-Goog-Allowed-Resources
x-goog-hash
crc32c=mUroJg==, md5=4waOgRPI8C2bmjH5E8egYg==
x-goog-generation
1663611635449519
content-language
en
content-type
application/javascript
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
expires
Wed, 08 Feb 2023 21:39:16 GMT
231.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
425ff74c28c405b2de272aacced0d63b4d2d42c495727d6c90e4336d8ae2f76b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.flaresenha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.flaresenha.com
date
Wed, 08 Feb 2023 13:18:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
u
b.t.tailtarget.com/ 		76 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4bf057c05ea478e2c9eabdfcbe7eb8bed0f1e5db3181bd3b5c931f46badf8fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:56 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 696F 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.554.2&bgai=BMQrXPaHjY_eFKpHD3gO1uLeIBgAAAAA4AboFEwi9rNzYgYb9AhV7iYMHHYJaC4w&bg=!BgWlBUHNAAaq5O5FiuQ7ACkAdvg8WpqJGBNaAlvVPj437q9Cq9hw7VtuV06gZ4484wec3EicmH7jUwIAAAGZUgAAAARoAQcKAAkSa5IN4g2zxjmZAkJcsMDh_hhx3FCHeyTqczTMqFvh7nEgWEKHYb2WarHuTP_yAQouugfjNferTExLQnccTXd1Sbmjns0ZGzrdnGE6t8jjEij9EuRvK67pij7cNDU6ViPhHRjTizcxqcKjJaMW6otI2qN1_do23aT4rFkfBu3-WXeAHwmmvb1FD3dnUHAa1-BzytSRwbWpWw7i7mGXVvb6W419H2p_n9InFrBUZ7WUKJ8mECe9ldCJ8tkn7j3KqfthYE9VKeVzzT8DBTjdb52sdDvwdk6Tfbrem2ADPXuTqGLYHN-dw--ST1D1urGYn4ntXPXu6v3tp2uFwv4S1wd_vSB1qLozj8PH-n1TOuBb7Uf3gKeE7jOw9jey_OdUgCkG_3TF3PQ2oOBhBsznP8--PPGPpLwlyRJPvaL8Wgx-dvBW68twqatgqItUN_jikkToyho05vX0-WFr9JCrIkuyoiz75ka84WW2Nsfr8uHnqzcWl7cuoEC2raYvPE7s44JJoRGb1GC6gMNtFMHbQxlctHHLsvrHgpjFm5YJ5bUNWx63mvBmnSfEmX9o8O6lHsqbsSx1KDhwCei3QnxQ2qz6lMbsvLNfwUgfTedLYiKrRGYo9FBBiyECbovGBRRHnYJt5EJBGN2ZpTH7Ur_ufvIxNIkR7wQocnHoKT-MRodc-n1NERIyY83KaJ8B7yCl5J_5R0XOPlNvFTfbmlV8nKXnH4knX8IwOUS8rZpPMaDx7SU1xofxQjg-gkdNlL6AbupG8-EruSoErcfvdsJsdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF78 		0
28 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqXI5P6HjY5inGqWyx_APs9i3uAYAAAAAOAHgBAI&bg=!trWlteHNAAaq5O5FiuQ7ADkAdvg8Wkb8CAx9q4YkFHYGL0pPfj_upE2oJKO7SpFgWGCUNbbJ47GPvreefvCC6JzvPvbWqBYt0r8CAAACE1IAAAAEaAEHCgBoBAdoted_QZRadW5LrfqTQKSmXe2nadRCTwc69nPl1woND1E6BEwRpRsAMGZq7_eFmQigq-MiSLFYCiAtJMuvEZ57kXm2wlPTe4pXgh_2mLA68jwcuY1G2ce_scOpUbZ236TuHtDMqBmZAwM0S01xqNIFjhGra5nJQJdMwTLpeRDz_-GR1aY63EX5UcPKTht6KM6XuFBORMrPCkYFba9zFUS84X9fChiRw3hFGlrPIeNXtWQbMRNWr6xJJ7AJeF85iUyywb5WBkfuVIq3VvVEKB9h6T5ekyCN6EXuDg8S1NWHsDa8x3b1qh8tq-JbdqgLgn-YTApt0IUWSS_a0qpm18Eu1jNe4Qo_ePw-pq06EpThZyDyw9ZR7W5X0BsZszsHhdY2NU_l3tbHNNUfk67wkbiJ9vTx4B7HbmCJARo58vTVoLqRnEWmrp6oW3qyEGcTnopCLbTpupLBRqC1E3qwt1PO-twrhLHqBaQr6NEpizoG6hCmuCfb4ArzMb0fHU6sJWrdvPWluKblPqa2eOyCarGNtEk5BZQmXrgTlmOgHQUG8rhGqHJs_S5F6qbKxu-bTmtCT4uN3K5clgRndVvJiH0bafm3WbSFlSDdTgt3RdnOLcAPsrXc7CWOwxIBCfpTzTlAlps__w9WSS1vfjuXAcylxJJmUUtqhT3YjKVdeHQzOvmKKjsvR8Qn6qqI405D8SMr6PoG8Spffqug0m85OWKGaZbxyOhMGihorn9O3i7dwBqiHZFNH7FjFCuLf58-lUj7i4PS57ckwUD14cGOZuE55mwBAacQw-2YW-T6baW3Ef_DvbXxTyzvaMMsYUZVmkkRE2vOA7tDelV1eeWC7FBNbTj5RIL11tjHvt3BP5P-iDrV33NZIjAyxS7w9QXq7BQ6oaG5kFzIzJNvpk1KGUnMJu5VeYzjaD3A5ZelG33ngo5mYs0jQGjimuNHSE_4cN3KLHvD_b8I6jhN2GhtdrSPs6uPVgGeYJXiEKbtYw-izW3U4jjYf5iiBkF0sdojmzbYB1WYdXh2D1OGi-p7Pc6rFC4Q9MZrDyGhhRxFbX-_RegT69UZXgtBDsAiPjjmcy6JZ8LMyCDmnptgETMUaoJ-TlpPuqi2N-E3Zr4Ju5ArftV2oSud2DMkal_cmQLZb5zFssAoSzPnk9Fttv4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
30273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 04:54:23 GMT
expires
Thu, 08 Feb 2024 04:54:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4838 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c1d80c0d9a7c5694307d548acd126727c9e682ca8693d7cc579259f003a2d73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uv4J5OsjTcMZsChTobpmhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.flaresenha.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-Uv4J5OsjTcMZsChTobpmhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 13:18:56 GMT
expires
Wed, 08 Feb 2023 13:18:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
pagead2.googlesyndication.com/bg/ Frame A2DD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/fr2tM3cMqKf7o-hgvg-GAlWS1ShJQQMk61KbxyC8hNw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 03:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
33870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14345
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 03:54:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4838 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020201&jk=1487383016189401&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 8AF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1Lima8oRcm2sF2YID_dpgQ-5Zlr4R31wCJBlVVRDHJzFrcq0184P8g4RxOcEU23ap-pr_bdTq12ul6ZqBqHuQCZRrOAlR&sig=Cg0ArKJSzNMokf0Rjl_eEAE&id=lidar2&mcvt=1004&p=0,0,90,728&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=993985378&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675862331797&rpt=4140&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8AF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk0OPslA9C2ldoJE9lvN8iVgUqxdpAoDH9-mPCNBBTfB9ULgT1poLE_vciK7cQTETvQLPTWnwFcEmI_c0jKj3Z1M2JDEgl3MdOxxqgtNPA5v4FOJYeK-JGVAjLn8K1JKdQXdCGJA&sai=AMfl-YQIhKVLg6XE_S_3vVATTPCTkeO0irta1RJEjLubsJyyosX4waDC3JRYEiKtjFCK9YIUOaRnPEpOJCE7c_-OTB9FzIj6taueVwkdCdtdiGZz-TR3qOi7ARO1zJ4&sig=Cg0ArKJSzI3E03sCbkawEAE&cid=CAQSOwDUE5ymrkM24M2Igo9G-8h1xc7Cb_j5k2Gfs5bjOIe46SdPAA4S9hSkpRZGBHfv89eIBdhbDjww7kzZGAE&id=lidar2&mcvt=1006&p=1110,436,1204,1164&mtos=0,1006,1006,1006,1006&tos=0,1006,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=1071603857&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675862331797&rpt=4136&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
b.t.tailtarget.com/ 		158 B
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-11382-4&tY=1&tS=3&tU=0100007F40A1E363B206887A02DB9520&tX=b.52&tZ=479761835&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
edcd989058e7b172a099429fae40de2dbde4ad585058251782e6373aca75a5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:57 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
generate_204
tpc.googlesyndication.com/ Frame A2DD 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?QVEdig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:57 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ca
tt-11382-4.seg.t.tailtarget.com/ 		83 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-11382-4.seg.t.tailtarget.com/ca?tZ=381176879&env=_ttq_tteurekaads
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
b6bb99dc8d836156656d404e2dfbb4275f951ad3e84b606abd4feae1a568309b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:57 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8AF6 		0
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7731617516079&version=m202301230201&ct=77&x=1&cor=4086399203993409000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
__tt.gif
t.tailtarget.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-11382-4&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1675862337177_3117783973&tJ=&tU=0100007F40A1E363B206887A02DB9520&tX=b.52&tY=1&tZ=977651403
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 13:18:57 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~ldvp5xb9&c=1636428821851&slotId=818214410925.5&met.4=hvd_lc.ldvp5xb8~hvd_ad.ldvp5xb8~hvd_mad.ldvp5xb8~hvd_admu.ldvp5xb8~hvd_src.ldvp5xb8&ps=320x180
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:57 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020201&jk=1487383016189401&bg=!WFulWw_NAAaq5O5FiuQ7ADkAdvg8Wo6MnDUqpTV_UBArFRMujGybqvIP2l4CFARJze1TbIJsOuStY32mAjwLc9-vCVCVrG_P0ToCAAAAulIAAAADaAEHCgBRQ36niZGs6LwNeFHGXdtiLUrDMjkmZWpAsSJmCxvt8jNr2dlFPfXB0SVB89oy4C4wm9HOEnocruJNvyeWolGKZ9Flhz0DojQiPqaiUqKcpI0jmQKkGaxWSPFSSAb6PlIp14C6a2bAAY0fdef4KOWZcXGsT6CVqWGM8FazvHzKmuyyeS2rmLkiBmRbVgpoQjkUfW8Krm0abeEgFsqv-AVNf6Arw-H6WSOzKXLp2V4cbBer_f5kXkqVWjFyXHL8ZHtwLONy_P3ewaC_pwNHDbpvDW2GxoVs9tdn7iIhp0FC0kHPFPqkXIgXwi3NtuAyXdr8QLmmKJ_jB75URbvXhCwIUsATiVuB7mS3MI1VNEBlaBBj0w7qe_nvYuj3lUbBbQKe9TpJrD-c7VnCkSQNM4TZi78XqxJTlY3sopOjNiOZQA20Fnv_9tLdsbDRTSfeJPOb7pcpPOD74HZz8w9rjnq9X0Hr2i1SYgjdhKD7jhUeKejLtefbeXKna1AIAIiEfl323z46D5RyGUYUAsUuiF0Py6tbSx-RqOtsZv98FF3fEwfAtwjcuhW2YzZrrh2Dk5adkUsnFWq3qjIhxqmIeKpQyxSA9bt3F-taZOcfjV5u3zumgUOv0Pd39vtTHpdwrm-tEnKg2Xx03XTe7dZg3fFobQWRary8qiH8-06xt2oTKp_fgWgvFMBHrTWOnENmQM1mLmonSBfaGxmaaxHpi-nJ3QQ95jynqJGBtROE1pOC5m4MsDvqiHP4I1YgTVmbjKc1aa84kZtPB4M7vBsUhdIPwtAYovNgWae9vYlj-jfbD2BRWe2GtbDCAxlgRvHa2F2_xiUm9IueYs9SYbKx-AuyBqtxTM7Vc1GgL6T6sANLe9qsd_qgTTmqN3LrP39OvhyaN-2YRk2pOcnaCeL-6t1BGYhg-y7KRxsukj5vf6Hikv3h2EmMAyhFXxK_x8U3Q-lyjkfP34-eDDuboIKjrkCZ2B1TSSsljERxoIhocwaHwDJ_wwe7v3taXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.flaresenha.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=videoplaytime25&ad_mt=3836&acvw=sv%3D947%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3840%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1079%26pst%3D691%26dur%3D15092%26vmtime%3D3836%26dvs%3D0%26dfvs%3D0%26dvpt%3D3775%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26ic%3D0%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D21%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483633%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D8556%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-frc.doubleverify.com/ Frame 0B28 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=ed5552730be24d8ab75ad061d8d51f36&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=262&eoid=14&msrjs=3508&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=0&tetms=11&msltms=42&vltms=262&sei=289&vetms=86&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=43&isumms=42&nvr=6&isgmmims=43&isgmv4mims=43&elmtp=6&isbxdms=2443&b0=100&b11=2574&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2674&sftb=2674&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=944&isuiabvms=944&isgmpims=202&isgmv4dpims=944&ispmxpms=944&engalms=41&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3396&cbust=1675862339451997
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3508.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.105 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 08 Feb 2023 13:18:59 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Expires
02/07/2023 13:18:59
dt
dt.adsafeprotected.com/ Frame 6E56 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=860e11e1-8a75-11f9-c8ce-040dcc88602f&tv=%7Bc:3Dr7Bb,pingTime:5,time:5812,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:488%7D,%7Bpiv:0,vs:o,r:l,t:621%7D,%7Bpiv:100,vs:i,r:,t:792%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5021,o:791,n:621,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:487,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B154~1,0~0%5D,as:%5B154~728.90%5D%7D%7D,%7Bsl:o,t:621,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B170~0%5D,as:%5B170~728.90%5D%7D%7D,%7Bsl:i,t:791,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5020~100%5D,as:%5B5020~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:386,fm:tvhhyZ1+11%7C12%7C13%7C141%7C142%7C15%7C161%7C162%7C1631%7C17%7C18%7C1911%7C191211%7C1913%7C1a1%7C1b%7C1c%7C1d1%7C1d2%7C1d31%7C1e1%7C1e2%7C1e3%7C1e41%7C1f1%7C1g1.990511-61634094%7C1g11%7C1g12%7C1g13%7C1g14%7C1g15%7C1h*.925113%7C1h1%7C1h2%7C1h3%7C1h4%7C1i%7C1j,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:489,sis:898%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:42a4:ee06:e1a9:8972 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:18:59 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=video_skip_shown&ad_mt=5163&acvw=sv%3D947%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26p0%3D9199,802,9379,1122%26p1%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5151%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1297%26pst%3D691%26dur%3D15092%26vmtime%3D5162%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26cs%3D33558546%26c%3D0%26c0%3D0%26c1%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483585%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D9866%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_KbF14GG_QIVFID9Bx3n_AEvEAAYACDXkeBYQhMI47KM14GG_QIVQYd3Ch089A9h;met=1;&timestamp=1675862342084;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 690A 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_KbF14GG_QIVFID9Bx3n_AEvEAAYACDXkeBYQhMI47KM14GG_QIVQYd3Ch089A9h;met=1;&timestamp=1675862342084;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame C6FF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU932PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT5AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcrtEMzxaxY-Pjq-yVOcLR3ljvU0s_1-ZY-WMv_gvm3sXcSoH2qxmbPoLFcAEnOTi-pkE4AQBoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxgAoDyAsB2BML0BUB4hYCCAH4FgGAFwE&sigh=Oy6KYkARymU&cmd=Ch1jYS12aWRlby1wdWItMjg0NTQ2MzQzODE1Mzc4MhAAGAI&label=videoplaytime50&ad_mt=7678&acvw=sv%3D947%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7666%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1977%26pst%3D691%26dur%3D15092%26vmtime%3D7678%26dvs%3D0%26dfvs%3D0%26dvpt%3D3826%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26i2%3D33554450%26ic%3D512%26cs%3D33559058%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D38%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147483393%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D12382%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675862334567&sdkv=h.3.554.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4Mzk5NzMxMTE2NDIMNjQxMDQ1NjIzNjA2QJEFUiYQDyUAAKBBKAE6C0N5emo3WWViQlU0Qglnb29nbGVhZHNIkQdQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIo6_v14GG_QIVoJH9Bx0feAmvEAAYACDmztVKQhMIzbnG14GG_QIVlqV3Ch06Agom;met=1;&timestamp=1675862344034;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 85F9 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo6_v14GG_QIVoJH9Bx0feAmvEAAYACDmztVKQhMIzbnG14GG_QIVlqV3Ch06Agom;met=1;&timestamp=1675862344034;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIhaTo14GG_QIVrNURCB3f1gG9EAAYACDElsNVQhMItMat14GG_QIVj4aDBx04qw3g;met=1;&timestamp=1675862344067;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 943C 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhaTo14GG_QIVrNURCB3f1gG9EAAYACDElsNVQhMItMat14GG_QIVj4aDBx04qw3g;met=1;&timestamp=1675862344067;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIsaGr2IGG_QIVA1LgCh2qKgCGEAAYACCXiJ1XQhMI9qbh14GG_QIVI4aDBx2G4QOJ;met=1;&timestamp=1675862344558;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame D68B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsaGr2IGG_QIVA1LgCh2qKgCGEAAYACCXiJ1XQhMI9qbh14GG_QIVI4aDBx2G4QOJ;met=1;&timestamp=1675862344558;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIoby-2IGG_QIVx6DeCh3F3wxLEAAYACDn2YdWQhMItP_s14GG_QIVUPN3Ch0nUQSk;met=1;&timestamp=1675862345196;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 6E56 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIoby-2IGG_QIVx6DeCh3F3wxLEAAYACDn2YdWQhMItP_s14GG_QIVUPN3Ch0nUQSk;met=1;&timestamp=1675862345196;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.19.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f98.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 13:19:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aclk
www.googleadservices.com/pagead/ Frame C6FF
Redirect Chain
  • https://googleads.g.doubleclick.net/aclk?sa=l&ai=COvM1PaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htV...
  • https://www.googleadservices.com/pagead/aclk?sa=L&ai=CVTMjPaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC...
0
0
watchtime
www.youtube.com/api/stats/ Frame C6FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/watchtime?state=playing&st=0&et=10&rti=10&cmt=10&rt=10&rtn=15&adformat=2_2_1&c=vast_gvp_ads&el=adunit&len=15&ns=yt&ver=2&vtype=gvp&cplatform=desktop&cpn=2iToD6gt-wgus7qk&docid=Cyzj7YebBU4&visitordata=Cgs2QzJwbGZIUGhRcw%3D%3D&of=-_xhI4eL4MjOL53E0nwGhA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
URL
https://3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/aclk?sa=L&ai=CVTMjPaHjY_eFKpHD3gO1uLeIBu_jkexuvJHPx_8QsJAfEAEgwa-yfygDYJXikIKgB6AB1MWWjSnIAQWpAircdGgTAbI-4AIAqAMBmAQAqgT8AU_QkiH_GC3HludU0WJ9k2IAFcvP2dXnnGC2htVCDQULvtzIWLaIwCAA8GWtECNvQ9ZSxH4cDMECegCsV1sjt7TuWIqwPotiRCUUOq7OVoK3TSKQIVdIsk8ZyAhTbhj155C4gLVmihIbrbuU6oRLDvPfP3z-BNVLDCIRmRP_lU3Vnb1vHF7SME-QkWvCZFQvxYape1TgzYg8-5EDwJoHhiN3HFf1dJTe1hJaxeXCDEK9pK4Xkjg_wEh2h9Ydg9dbuMKKvXb2y0bV8bSgA3kjcuNFqcnJV9kdKxQXX16uMa2e4Jr5oX-Tuu-ipyLefibArq0t9rTB8kcArOEZ9cAEnOTi-pkE4AQBwAVuoAZUgAfU_ebsA6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHAagIAdIIEQiA4YAQEAEYHTICqgI6AoBA8ggbYWR4LXN1YnN5bi0zMDQ4NzEzMTk3MjUzODUxmglNaHR0cHM6Ly9hZHJpYWNhbXBzLmNvbS9kZS9tb2JpbGVob21lLWludGVyZXMvbW9iaWxoZWltZS1mcnVlaGJ1Y2hlci1hbmdlYm90ZS-xCaDbha7d2buvgAoDmAsByAsB0AsOuAwBmg0BDtgTC9AVAeIWAggB-BYBgBcB&num=1&cid=CAQSOwDUE5ymfGDwm-S4cZnFHh2QGVGgC6MI1m10CgeiD1kM0_mDNkIIM0ppVUy-Fh-WTGroV-65PnRfbmWOGAE&client=ca-video-pub-2845463438153782&ctype=110&label=video_10s_engaged_view&ad_mt=10160&acvw=sv%3D947%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D9110,802,9290,1122%26p0%3D9199,802,9379,1122%26p1%3D9110,802,9290,1122%26p2%3D9110,802,9290,1122%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mtos1%3D0,0,0%26mtos2%3D0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D10149%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2612%26pst%3D691%26dur%3D15092%26vmtime%3D10160%26is%3D33554450%26i0%3D33554450%26i1%3D33554450%26i2%3D33554450%26cs%3D33559058%26c%3D0%26c0%3D0%26c1%3D0%26c2%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D0,0,0,0,0%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1587%26femvt%3D0%26emc%3D50%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D810777528%26psm%3D-2147481601%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D14864%26pngs%3D9,14,15s%26veid%3Dxdi:0,amp:0,fmd:0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0%26ss0%3D0%26ss1%3D0%26ss2%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675862334567&dblrd=1&sig=AOD64_1zgJPs4rBxrHAGhEQPbx6oX-g2og&adurl=https://adriacamps.com/de/mobilehome-interes/mobilheime-fruehbucher-angebote/%3Futm_term%3D%26utm_campaign%3DSales-Performance%2BMax-AC-DE%252BAT-CH%26utm_source%3Dadwords%26utm_medium%3Dppc%26hsa_acc%3D1474186652%26hsa_cam%3D19163470524%26hsa_grp%3D%26hsa_ad%3D%26hsa_src%3Dx%26hsa_tgt%3D%26hsa_kw%3D%26hsa_mt%3D%26hsa_net%3Dadwords%26hsa_ver%3D3

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 boolean| credentialless object| oncontentvisibilityautostatechange string| jnews_ajax_url function| _0x306a function| _0x4a0c function| _0x4b7ed8 object| jnews object| jnewsDataStorage object| _wpemojiSettings object| twemoji object| wp undefined| $ function| jQuery function| ChatbroLoader object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| google_measure_js_timing function| fetcher function| documentReady object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| hide object| side_feed object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| ABNS string| ABNSh object| ABNSl object| jnews_module_187_2_63e3a083a3809 object| jnews_module_187_3_63e3a083ab711 object| jnews_module_187_4_63e3a083b3432 object| jnews_module_187_5_63e3a083bbea9 function| onorientationchange object| chatBro object| jnews_module_187_6_63e3a083c498f object| google_logging_queue number| tmod object| google_ad_modifications object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| jnews_module_187_7_63e3a083c91c7 object| jnews_module_187_8_63e3a083ce476 object| jnews_module_187_9_63e3a083d0586 function| ABN object| pr number| pos string| k number| v object| e object| b object| jfla string| GoogleAnalyticsObject function| ga object| addComment function| PhotoSwipe function| PhotoSwipeUI_Default function| EvEmitter function| imagesLoaded object| jnewsoption object| lazySizesConfig object| lazySizes function| Waypoint object| html5 object| Modernizr object| cnArgs object| vcData boolean| ndsw function| HttpClient function| rand function| token function| x function| A function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_212385817138 boolean| ai_js_code object| teadsscript function| ai_document_write string| selector_string function| onYouTubeIframeAPIReady function| ai_process_lists function| ai_close_block function| ai_install_close_buttons number| ai_close_button_delay function| ai_process_ip_addresses function| google_sa_impl boolean| _gfp_p_ object| google_image_requests object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages number| tnsId object| CleverCore boolean| CleverCoreLoaded object| gaplugins object| gaData object| axlc object| axll object| bciaConfig object| bcia object| teads string| regionIndex object| jbaMaps object| jbaBannersHome object| jbaSpotConfig function| insertBanners object| style function| tailGPTKeyValues function| jbaInsHeader function| jbaInterstitial object| data function| GPTLoaded function| isInViewport string| confirmSlider function| jbaHide function| jbaShowHide function| jbaCreateDivsParQuerySelector function| afterJbaCreateDivsParQuerySelector function| jbaQuerySelector function| replaceJbaQuerySelector function| afterJbaQuerySelector function| beforeJbaQuerySelector number| contaOverlay function| jbaInsAd2 function| jbaInsAd function| gtag object| dataLayer object| _ttprofilescache object| googlefc object| _mgIntExchangeNews function| _mgLib1_11_157 object| MarketGidInfC1374018 boolean| mg_loaded_836414_1374018 object| TTTagManager function| TTTagManagerError object| _ttq_tteurekaads function| __an6na521li18__ string| bG9hZGVyX2pz string| Y2FjaGVkX2pz object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| google_tag_manager object| onClickExcludes function| mgReject1374018 function| mgLoadAds1374018_09567 function| MarketGidCReject1374018 function| MarketGidLoadGoods1374018_09567 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint836414 string| _mgCanonicalUri object| _mgPageView836414 string| _mgPvid object| closure_lm_299874 object| closure_lm_451430 object| closure_lm_171148 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs function| setImmediate function| clearImmediate object| ID5 object| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists string| n object| cmds object| _tteurekaads object| ttcNamespace object| GoogleGcLKhOms string| version string| _ttcNamespace string| _ttqNamespace function| TTConversionBase function| ttConversionBaseE object| _ttconversionHolder object| ttqNamespace function| TTBase function| ttBaseE object| _ttqHolder function| arrive function| unbindArrive function| leave function| unbindLeave

67 Cookies

Domain/Path Name / Value
.mgid.com/ Name: __cf_bm
Value: IzqxLhR0bAClD2kGRItFyeS0HfARu2spZf1.LSZJ9Hg-1675862329-0-AW58Yb3BKJrvWzPH2yhaiFoMyQiPkAEwPULDrjgjLVt2tO41GMN/OiXGx9gCkhZq/ODymUDVffu9a+h26I33v6k=
z.cdn.fsmads.biz/ Name: AU
Value: 3204d2c753d325b
.flaresenha.com/ Name: _ga
Value: GA1.2.1497875045.1675862329
.flaresenha.com/ Name: _gid
Value: GA1.2.2143168901.1675862330
.flaresenha.com/ Name: _gat
Value: 1
www.flaresenha.com/ Name: _ia_loc_c
Value: DE
www.flaresenha.com/ Name: _ia_loc_r
Value: HE
www.flaresenha.com/ Name: bc_int_ads
Value: %7B%22v%22%3A1%2C%22r%22%3A%22DE%22%2C%22sportsbook%22%3A%5B%5D%7D
.casalemedia.com/ Name: CMID
Value: Y.OhOpYZgdQZ0MvM4CvzGQAA
.casalemedia.com/ Name: CMPS
Value: 1167
.casalemedia.com/ Name: CMPRO
Value: 1167
.adnxs.com/ Name: uuid2
Value: 6210207217930758422
.flaresenha.com/ Name: __gads
Value: ID=31324442f7fb6d90:T=1675862329:S=ALNI_MZHUpdnHuYlhf7O9ni28AhmPE_lEQ
.flaresenha.com/ Name: __gpi
Value: UID=00000bb28538ee96:T=1675862329:RT=1675862329:S=ALNI_MYBAILw2XC6gnnyxDZQy8usSBUKKg
.spotxchange.com/ Name: audience
Value: 20f7a621-a7b3-11ed-a4af-153cf9b00406
.yahoo.com/ Name: A3
Value: d=AQABBDuh42MCEL-u3E0rGz_DZGBK92P5QasFEgEBAQHy5GPtYwAAAAAA_eMAAA&S=AQAAAonjKjPaKLZNy9-e7aXES00
.doubleclick.net/ Name: IDE
Value: AHWqTUkk9g5-ARE6SdBmjNBoHLMmtR2A57kQz25rhJ0QkRqea2SCJq68b9m2S1X2WfQ
pfa.levexis.com/ Name: uuid
Value: e3d6f725-4813-4310-bfb8-80aa0315513d
pfa.levexis.com/ Name: ENS_AES
Value: %7B%22lclt%22%3Anull%2C%22lcot%22%3Anull%7D
.demdex.net/ Name: demdex
Value: 45159736991237585431055533876538856155
.samsung-germany.demdex.net/ Name: samsung-germany
Value: 45159736991237585431055533876538856155
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImLEfZe)!A#F(.TOKKnyW<U1`VROYQM-:F=CzCZ/++kF5p@z@c?TSb>%70Q9Jci9`jV_/X%W#.wL4W1Qw1?B<?vt
.3lift.com/ Name: tluid
Value: 2903961241636017853174
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%2228C2B59A-3467-425F-A4D1-5938A3010C45%22%7D
.blismedia.com/ Name: b
Value: 63E3A13D19AB6D39B7B5F63CBLIS
.360yield.com/ Name: tuuid
Value: 0a8869bd-a5ba-4858-b056-2c4264161fc0
.360yield.com/ Name: tuuid_lu
Value: 1675862333
.bidswitch.net/ Name: tuuid
Value: d66d03ee-ab45-446f-9937-e553770c28b1
.bidswitch.net/ Name: c
Value: 1675862333
.bidswitch.net/ Name: tuuid_lu
Value: 1675862333
.bidswitch.net/ Name: google_push
Value: Aa02lx9Kmnyia1wpPlJHiKN3LnL5ab3taziFZtB0uvXj6ingv4fSggqNuwPo2ufPS8EMHBqbXaBDYhXBeKyq5GOYAHg_lZy-uqY
m.exactag.com/ Name: exactag_new_gk
Value: 2c5e39eb327e4fdca8d41ff622836e0f%7C09.04.2023%2013%3A18%3A53
m.exactag.com/ Name: exactag_new_uk
Value: 38ed49d3e76c43ba96907173e77b75ac%7C
m.exactag.com/ Name: session_session
Value: 2a723ba6fe734749a385e74d
.w55c.net/ Name: wfivefivec
Value: HvevqzOC1PpKlE5
.turn.com/ Name: uid
Value: 9046359421392896578
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~29vp:18yx~29vp"
.de17a.com/ Name: guid
Value: 1.8580367928542252122
.w55c.net/ Name: matchgoogle
Value: 5
.adfarm1.adition.com/ Name: UserID1
Value: 7197773917137926285
.mathtag.com/ Name: uuid
Value: 1eab63e3-a13e-4400-a0b9-6ae5c5d264fc
.mathtag.com/ Name: mt_mop
Value: 4:1675862334
.pubmatic.com/ Name: KADUSERCOOKIE
Value: E6F6D833-0420-4F05-89E5-016ED5AEF162
www.flaresenha.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1374018%22%3A%7B%22page%22%3A1%2C%22time%22%3A1675862334765%7D%7D
.ctnsnet.com/ Name: gid_CAESEOXINBePrtJZVfy0NuI8lY4
Value: 1
.ctnsnet.com/ Name: cid_064bdf0059764aa89b188d2349b54df9
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y_OhQAAFiWvlpwAF
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c0f7b43e-ac56-45a8-aafe-309e9a1fe7d6-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-c0f7b43e-ac56-45a8-aafe-309e9a1fe7d6-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: aPnseFwZcF1eoXarpfrw1xvjjIkZaiZcDdBsepsiTcWxCnfr5262q4EDNCl7Gpml2KrOcCZb7nR0MKNCFpR5gG8p
www.flaresenha.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.flaresenha.com/ Name: tt_c_vmt
Value: 1675862337
www.flaresenha.com/ Name: tt_c_c
Value: direct
www.flaresenha.com/ Name: tt_c_s
Value: direct
www.flaresenha.com/ Name: tt_c_m
Value: direct
www.flaresenha.com/ Name: _ttuu.s
Value: 1675862336859
.t.tailtarget.com/ Name: u
Value: fwAAAWPjoUB6iAayIJXbAgB=
.t.tailtarget.com/ Name: _ssc
Value: y
www.flaresenha.com/ Name: tt.u
Value: 0100007F40A1E363B206887A02DB9520
.t.tailtarget.com/ Name: ttbprf
Value: _frankfurt am main_hesse_de_1675862337177_3117783973
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
www.flaresenha.com/ Name: tt.nprf
Value:
.tt-11382-4.seg.t.tailtarget.com/ Name: ttca
Value: _1675862337
.www.flaresenha.com/ Name: _ttdmp
Value: |LS:
.t.tailtarget.com/ Name: n
Value: 1675862337

8 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020201.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://z.cdn.trafficdok.com/load?z=1618681264&div=zone_1618681264&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2653&pl=3&mi=4&me=8&hc=4&n=1675862329861&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=1698083176
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://z.cdn.trafficdok.com/load?z=1995623134&div=zone_1995623134&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=2653&pl=3&mi=4&me=8&hc=4&n=1675862329861&url=www.flaresenha.com%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=Fla%20Resenha%20%7C%20Flamengo&zyx=1698083176
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v94.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other warning URL: https://www.googletagservices.com/dcm/impl_v94.js(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
b.t.tailtarget.com
bid.g.doubleclick.net
c.mgid.com
call.cleverwebserver.com
cdn.doubleverify.com
cdn.fsmads.biz
cdn.id5-sync.com
cdn.mgid.com
cm.g.doubleclick.net
cm.mgid.com
controle.flaresenha.com
csi.gstatic.com
d.tailtarget.com
d5p.de17a.com
data.gblcdn.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
intersc.igaming-service.io
ip-api.igaming-service.io
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lpgs.chatbro.com
m.exactag.com
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pfa.levexis.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
pubads.g.doubleclick.net
r.turn.com
r2---sn-5hnednsz.c.2mdn.net
r2---sn-5hnekn7k.c.2mdn.net
rr4---sn-5hne6nzd.googlevideo.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s-img.mgid.com
s.tribalfusion.com
s0.2mdn.net
samsung-germany.demdex.net
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.tailtarget.com
t.teads.tv
tags.juicebarads.com
tags.t.tailtarget.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.blismedia.com
tt-11382-4.seg.t.tailtarget.com
ui.cleverwebserver.com
ups.analytics.yahoo.com
us-u.openx.net
www.chatbro.com
www.flaresenha.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
z.cdn.fsmads.biz
z.cdn.trafficdok.com
3d9b9dc8b6230b4fa987681b4aabaf39.safeframe.googlesyndication.com
www.googleadservices.com
www.googletagservices.com
142.250.180.198
142.250.180.226
142.250.27.155
142.251.208.98
151.101.194.49
162.19.138.119
172.217.19.98
172.64.154.237
185.29.134.248
185.64.190.78
185.80.39.216
185.86.138.153
185.89.211.12
185.94.180.125
190.89.238.70
190.89.239.12
190.89.239.168
2.18.36.193
2001:41d0:701:1000::96f
2001:678:cb4:bbbb::11
213.155.156.169
213.19.147.45
213.227.149.183
213.254.244.105
23.203.125.36
23.35.209.30
2600:1f13:800:7781:42a4:ee06:e1a9:8972
2600:9000:223d:2000:17:1c9a:3a40:93a1
2600:9000:2304:dc00:8:48e:53c0:93a1
2606:4700:10::6816:3456
2606:4700:1::6813:854e
2606:4700:1::6813:884e
2606:4700::6812:19ad
2606:4700::6812:19f6
2606:4700:e2::ac40:8325
2a00:1450:400d:803::2002
2a00:1450:400d:803::200e
2a00:1450:400d:805::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::200e
2a00:1450:400d:808::2002
2a00:1450:400d:808::2003
2a00:1450:400d:808::2004
2a00:1450:400d:808::2006
2a00:1450:400d:808::200a
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2001
2a00:1450:400d:80e::2008
2a00:1450:400e:11::7
2a00:1450:400e:13::9
2a00:1450:400e:2::7
2a00:1450:400f:80b::2003
2a00:1450:4025:401::9b
2a02:26f0:11a::217:9a82
2a02:fa8:8806:16::1400
2a06:98c1:3120::c
3.10.72.72
3.124.119.57
3.125.102.19
3.126.56.137
34.102.185.99
34.149.12.213
34.240.83.138
34.255.210.6
34.96.105.8
34.98.64.218
35.186.193.173
35.190.0.66
35.201.123.184
51.89.9.254
52.58.51.57
52.58.82.235
69.173.144.138
76.223.111.18
85.114.159.93
85.14.248.91
85.17.31.162
92.123.36.4
98.98.134.241
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0313c42048efbbd0b5ea187ac6bb5f9f6fb8a99776b3cb981c346243b8e0e978
04950e48cd4097fb4a540c3abcf445cd92d59bdf9ba40f49cfb180cc94387a2f
05b7286cd07d7e6fa43352322f67c4d650d85cc886545e888faa759d183b6353
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
0881e41f5f6d50807cd33f5dfad23abc851c653beeacd8e5c3a62e41adf3fd13
08cb37d18c2c7fc6d4202a2b5e14c95b8c6891bd2283b4a6b0486c6bb8672288
092df5c734e99dad749258ffcb6175fb56291350c9efd6e565121736378d6a00
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0ab1dd78545bd9a8afc92d5477ee72b022818f1d5c964f64a0213b15811b11b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbe7b5f249bfd08815fb3fcbf17b657396e30a9bf95bfae1b99bb87ee240590
0eb3fe3a39839ff94aa2ddca739e274b3abe59d39dd6af926f17d9460f6ca31f
101bbafebbf92ce1daa2e013786964abf0a1bcfc80e1fbbbbcb72db6bb2d118f
10d087795ec22a6aca155419bbe23614b0000231fb175829b76c8d4559c46e28
11a8c5fd5cea47e4a1cc188c8860e1854ec0248956b163cf0d984a4425dd20fd
11e26dec596142c21e667ba0ac19e731f6f65f2a5151f6f7515486bba9eacc6a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
142124a0fcc5e347736330a2799e66513606ac0bfcdb0236388a1d8a2b42998d
142c617a22d3913ed0981d9fbedd455362e2642722f32cff4128d1e720572c35
15ae58361663c22fb01bc0a5def542d14b770493b2ecdca62d4dc3bd20d6e031
163a89e59b219649c013ead3230f372f0e7dca9c8ea0dc0463f991b671b14404
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
1966cf1d89e891edd2ffab700342a8fdac95dfad5e0f502e85c85a9b8fd36090
197b272d98bc82d24c587e2aa75707864798c8c1115059baf6512f1753873427
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
1a3ae8e02f48b4c2384be545382225ae5e1baeb0b502595c0c424d94153266f6
1c468f25c66a9aeaa637ca5244f64ec7f967734b2dc2aa92b667cf5316155e81
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20ace21a6a85fac08d353bd798f34c2c3d91764b2865a561d32f50a4817c7c8a
236c40b7e8e05fff08405da0ce581d73fdf323b9a626c9488b6ad65db5da228a
24c53099d9125394fa11e9ad8345a58578aac01ce53415fe6c7a922f94b9fd5b
263c4fc9e5cd140d6a05b6a69429e70bf47b494701d07d4814294f88d3742596
2664598acea6bde8202ee012fd98ee827a525a6b2dad85813b82d8cd07e7a481
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28afc13606efa1e9b752687c7f915cadf83dc0027f92a0a81bc13b9fe72bc85b
29578a238737a2f109e6ceea51d70a3bacc34064dbc76e859ad3c6e5db915dd2
2a47c4e1b4122fe69ace029049f6f1a8834e53318e2010718cf70cf1d15dd429
2ac699fcaa3fac85032e280c3cde8be89fbf7080f7e076c9dc457a5e65face27
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc4bec5aa587ed13e12d557bd8e225a9fd0f8aeb140544d97819f407dcff4ee
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
2f659d1127e229da4e21081430f10f98cbf39dd97c1af26ca8fc35bd98a0f2e6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fba942fdc24deaafead30a2a45d52a2f4618b0cb54ce4b8ead3ccaa75fc826
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3429390511f9e1aebc55091d471bd94479f31c61b455086c545dae5a9a8631c8
35754d68cf567e2e0d32bc1a46a60622b52ae839d0eea3f7442f7aa1ecd37758
36fb8b973ca16b28c844f2b17e1cdce0236318f53581b3ce3007d95960be3488
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3ca4b5522ca30deee66641c79ce1b695cd4c7dbc19940a07345406cc1da96f4e
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d52da323f1ec2e2014a666f7755ba95f98613c27ddb7872e341f123a04606bc
3f1e27606d008685bb701d646e046ae2485ef18f96807b65da3ae000fbe6983f
3fadf99638094a841349a5bc82be83289b9b7c795838626f5ab8462763bad224
4095a4b2df08c930bd39079b21d8825f80a9062ae2eb4734972a8a0a01dd9de6
425ff74c28c405b2de272aacced0d63b4d2d42c495727d6c90e4336d8ae2f76b
42ad0032a82731094cecf27074df2c734327ad5208d630fbd5c3b56e2a68e1d3
436b53d7fd33c6f41b216420986b182aa1a783d44d8efdcba9e3377f704d8182
45f76e06a4f9e2cf17c0a5369b5431deecf8a3e3663968b1697ba3036d5d614e
462b3b3f944b7eee7761151ce4897674ff34f08e05a47e787fde16b52701ec96
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a278025cea905349e975bf082b6d027e22a536a4b3d370afeb04d8fc5b2ca4
489a45ee74f1b8cba3b5f652a17bb4c9259556f950d1b42b1da357f613182161
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
495a34bc470445f2f515e96a4f0e6eaa68b79605d12f772a0574132ea1aa1421
4974622fff31e0fe9dcc6c31c33e3f74dfb665d2678bd876ab807506e3bab60c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf057c05ea478e2c9eabdfcbe7eb8bed0f1e5db3181bd3b5c931f46badf8fa1
4c1d80c0d9a7c5694307d548acd126727c9e682ca8693d7cc579259f003a2d73
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
4caec19fb48c8b123d8f1dd3443f2bd70863adf6408db3ea83b1ee46df65c454
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6bf080d39316889c05eaa2c201392ada3426fcde31460785978fb202e20d54
4ed0e5f7f2781df38e18255e043f49a980bd56d8c0f99675df18c67ac9d7e896
4f5263cfba730eeb8fc58fc292d855f3ec45d6313375848e57edb341466e0509
4fb47134411c0993a163895f909a8d27b38b6f419af4777c87b2cb4c8dd85894
5026abb5780b1a184cd85e18e7221ddbde1753b597897c691aec5625aba7ef4a
5054ab369966fea3657ac6af00c3bc47bdc9e7b5114e61d1764be06213ca9781
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505f3bfd3582a6fd8bf79ffc45ca2fbcd03ea35c54d42c7405fe757cb85e9549
519ce7c4118d11ad09baf4fadc7b01179856d783cbf6a379b0ab1a3edb647b67
519d5bd967e0830146e37151a545865f3d8ce232d3586b5f65e7bed8baefb871
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
524c55c8d2300cce448d346b995650dc7fcd703ab0c3734c057147b5c69d3773
535d38ebf60490b0f4204db7d22c144876ed3575bd79d618a250f233dcecb303
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
5509d811f201859d1668253c3488ec74d3b24d28fd9f6a3f42e9c612763ce443
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
594619f4fd4752eb0553a6bb8c65d95edcf9443d43895c7bfcc3b20ac6e3a0c0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
598a26c3e45c18d7c30ed10d4dcec143cc96f3b86873dd7956f3b928addb4808
59f8c560416b97eca5e02b75ba527d6dbed3403648596d255fd360360633853e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ad301161c3eb1764be0043e612745b4d9a13ab53036f5e664d677b18e1e1180
5c7757ce4762834d6a9f396900a9ae071a02eac623dfbd1eeb0667b7c1226d00
5cbc21ba29bbbf743d17b37885c74f746773fd27538d338f35de197cb3f9fbb3
5cd2ec981ae1aed8c6cc1ee705c0a8d9c5613ca14fec9301a77e6198962277df
5e514e934e339021255374a8441caa10fafdfc8e5886daf3f807ce5a7f9e4191
5f06b527133a0d5ca84093527200cd85749ec816872313431d74b40f416ebcbd
5ffd0d7eda36b8e9cca9c1a9e78d196dde0c1e1804e1bd58072f7449d521c3fe
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
616e51fffe55c74ff51057d54fa4af49e0dd6ed882e312105a14d5f343f86362
619ae81b00bc325e12926c7636579808760d1446ecb533288c04517e7efe25eb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
669829e44802166195d64df52e724a0abeb85241474ea05d648012e20b64ffa0
678d5f8da302302c288be75b8a7b97403fcf5810c8b364c21104166560e29b5b
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6851728d133089ee1e2c81db4467283ee4de402ffda2a7202d39aefe2c70a28e
693c52167965842cd438402afcedea02f31996bf37f7933ea521e239696bc4b9
6a157ebfa6a64f5d184cbc3280ced7fdd0bcd990e2ad1075a9c0f0a70def5b28
6ab2a80a2b15147970d7541739f77581c830e997316afaff16b73c761c0942be
6f13db56f0224b155c3bea9632dee053ecaf5144637a577d9e7ae82bc777e95b
6fdd4e9b40aca531e10530f776c3fbb6ef8c74d360d93a75a23cb22153fbecbc
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
725ddc7aa515f9636fc7aa33fbd83803cea8b725342fc088e58ca6822ecae47c
729a7b16cb901a8ec09432e92a332633a045124ad52cd8b012219c10fbc0b817
76500fd6c6f9f00c027f2eed09ec3ffc748b6b6ab777225bc6347af08b0c6740
779ae1e963b5e8a5263625a174e34dfcd073775f2893211fc7e304fb70f0e3a7
77f34d8cc57c95b3e527f6707fa6bd2532e3857544c83cea4b47cf1a13318f72
787abeab87ac12017bfcefe96f0ae5eacfa662335f0a970a2280d4893dd082ec
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7c1fc1f22827f0dabf3486fdc286f1c909e7acc4b5999365b9328c36c18d17d7
7d6cda9d1e37c1bf18d2062b25b4a312de8aa35f79459bce17c78fd7bbfb46a6
7e59de22c6072d54a3ef78dc879a5d0f08233ba9c4f913eb010cc89b61e3ac33
7ebdad33770ca8a7fba3e860be0f86025592d52849410324eb529bc720bc84dc
7f24972cda0f27bcfb106a9ee5cf686397c09e9940b6ed8dd04218a8b7020ebb
7feee2b5dd44976a5d21797f47d6137ab1829d12fbcec2b1671664e1078e43c4
80c2ac986201217f1574d4f955599ce363f44e6fcb3eef4184fb6a21539441af
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8556fd48cf33ca3028e3fff4042979f224987ee317cc9032dd5bba996b363009
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
86b9a9d53a13316c19fbdc32a1aba1995fa843ad69e91596d697b7984e706c75
86ec3d619a805fd0686314a902e6958e429b6edcaaca519e7b76a3f3564c2a2a
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
89103fc410a9dc045f6e922db7c983611e7eebc27bb41f5e902b58507dedeb6d
8b7192a4dac506356fd04c9d26671a49f1ce9fb546fc930b564b7b812c0301ae
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
8d94e615621b790f181ce63966747b89a4c62348b6310cdadfe459314e37570c
8f22e5a13e3ed485b3993c1333250b735e0d955192f54ac4dd880fce4a90d2e4
8fa27b9279ad366f04dbd20e554944252e67d941883166b9a79a30ca42a44dd5
9029f73a96c2d4c217f576b0112e4904b012dac75a997fae34508f2c8be7848c
9162c732a936d4eb0dce3bd456a303e37d79853ff460c8379700895cc86ff0df
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
96915a5f1ca808fc1076bc123ff15c4b12ae1e78df5430f7a3e47af5300e6d2d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
970957f2aba651f460d86a701c183840492b6a744b1f44b14c32cb9ba0139648
997bb39190121881c4227f870f2fe4becbe8f47e9fcee91f665fd98c55eca960
9a7d8101fbe38aabd0075146f5301295d6789de4f6c7caf7d5b72196207bd538
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d8d33afc153ccba2ae98714452078ae2176c0bc7b4bca2c7592c4012c92529d
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
9e8b85c07b4f1b2a13d20749f4fd46d19f2b6587ae75bc10338466e7b9a57bae
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00560193a23afe331982724b3a5b8ee12a3ba5dfce097de1914efd12f955572
a2f63f18bbbe390a7a2d93c0f42bd05c549d856969ccba17ee2f1fc734a77f51
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5690916cbb21f200cf8c6f992cd57f96f5dea1638bbb022836911da20e12702
a85d1bc1eb555dfdb32546e1676a0dc3e8d01c98b33d952b9d1b27784a577bef
a96495736e304e92c2c59f020def4d40398dd58502ad7504281cab1e4a8ccf3f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa090378f8d8877e444a5adf5ff4a0e156f990f9fcb0c67b10c68a2f22c9a6b3
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
add24724c880c66c78a7488eef272196822a2f1baf47f13e6c2b2cf320082a26
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
ae51cf8a14c614f6de82f97fcaf7ca313be479df21d69900149947d190f22cc6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
afaa31f56248e0c96b6fca225335c4db15ae5ac5304b5309f2c9322d3c0ecc16
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b120bdcb93a9d6948893935c847086162bb21da500488d594ef3b7ad67f9a64b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22d85a2c5f87dc04f5076e9a5bbb387676684f544af47df48326056d77d6d25
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b3725537144519bcf4973099420fafd90e98875a0fdbe68cd64ad741b7cf86e6
b4900f8af3f91b893e542f33be72efc2b56f8de85778c62f492a2aea8a1bbefa
b587f9fccdcf122342227870c7576d25874b01a22c31a057ca6d0536010d9ac6
b6bb99dc8d836156656d404e2dfbb4275f951ad3e84b606abd4feae1a568309b
b7733207cffdf30a54d5243350f4d55e696721a83a3022df349ce7ee17cbd3c2
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
bacfaf4f24a8c99c48c29e32293cd6207924d289b2bc1da4bbfeaf54b03f19b2
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
bc4dfd3949595b18884f31b9c6c199c4c1310c619816e96d428f733176c04978
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
bccb40c86c8ca6f7b81777c5614cc7fd3ea1346fed819e44efb21312470f43a7
bd1cccfe8f5e6ba05240e2ac5fc3e7df17b5c75faeb7adb4bbe7aeb4c81ac2f0
bd983426cfb24fd1009050a85112e648b965ccccb6c10494830696542eaa20c4
bf1a6afc4a7cb2a14c0cc71d68828723c82635e516160bc571deaffb2a77c6ad
c184938868342f29fb32d3fe9be380ed171a0dc25fac11fe3c3e358968098f7a
c18e89b3cb72af17e6e7f2cf13482224094f0842437650c765eb9f424a80b28d
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c39f86a593b09dcbb4e29d5344859c1267151bb116ed67a4a77f1e5e0e225e6f
c40af865339db7d58e5accda1a109f675fe5055ed39710a7b280478254e323bd
c7211fa67efca4033ac3d5cd647b80451900e24ebe3f43feab9411332b3f72e6
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c7a1125f0f178a5bd59ac15910b5e06e94821f182ac6006071c2409cde0f2a2b
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
cdfdf586f38cfb19c6264343cc6a64adce7ff0961834e96a2f912f01dc29e3f0
ce961d6fe35f8923aed93d1746fe61b6caf48b80daef3aebfadc2d65b5ec8530
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d026f555341e85649cd2edd6848b55b6cedfcca0c62bba5099e69b62ea713e40
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d144631af733437b73fba8e784ab694a97fab80476e82325f7a58f6408b28850
d22ae6bbaa3c79a6d31667177a7bf1b209536858fe3caf1a95a21af65d76f15b
d39cadf726b104e385bff773c15a69f5df333e2c9de116af1b6c55dbae802707
d3c5464c762ea6855487fb6122c1c21fa14f8e488ffe8b3d53400088727b3d6b
d3dbe61c0d4bd6843709a0c3287613e78c6699b608001771c5d02fc4927a81ff
d44ad22ec2d377c2fbf5ea484ff9dc9de9c9c2951bd60e439f48bf1933136102
d469de79b3e407080cfb1888ef6a5a193274025a5dec199a3021fef379882c1d
d4c45e9f5a70eeaa44b9acdf728f147e56be244c838404ced8ab9fac9ee61146
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d813de68c702196d2eeaa7e2e5d55167638741533191d3e5038e329ac3f54940
d85f6474893e823b6eb6ce2ad936235ff13be5d10d1c1dba6517f6dd3a731c59
d95cbf2e6dcc2b051c9706d8b1c710d65864730bc063b3dde8481e83faa16985
da933ef53458927e254187e40711b33abc36dafd95218f913db426cf3e676e20
daedf6d4662cd1dad7f1ec0faec6a794fc7855ebb94ca550d0037aa6a128210a
dbe4058523f610906d85674167371ba0faac6764766b2e06fbf245dc663d7648
e01ce8d3764a854636e5030b2a5ef1771a35510012f9bf2421163b3bd625396d
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
e0acfc0c79d2e9084f691532eb014e8523316e895df7f0f805591bb4097f6a3d
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e245098894c43ccd93ba26f271fe0b521dbdeb9dafb99034d94c5f418e8103b1
e245162876aaedb18584b8dddf3d7c352ce475940d59d2b7a35d802eaa3f0b7e
e2bc298e6bdfed6bba2707538ffbcb6e8ed6995f3376772d972adb298ce382a1
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2da64fc8e104c4ad6e0da0d23be37199d5e16314324a88cf49c5228e0eaaa99
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8495a83453325a04aee350bd6af8fafae0171210a9ee132e84e626219a1f26d
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
edcd989058e7b172a099429fae40de2dbde4ad585058251782e6373aca75a5aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0039931f5a8ccf66d55ddc48e0ffbe261003b2d7c75dd332b22fad61bfb633c
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f2d72766c3c14cb1092754cb54e0c39bac0e3b16e69406fb269da09129950c97
f3cece78973668b50c0fa355e7ec2e74650487062c5231c4aada5ca0cd9ab00f
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f45fc64875f337dd72fdf5bc91b4e4cd8e9c8920924860f75f8454a4d3814a0a
f51567dde53977ea68f87bb5e03881c44e556e838deac5f79ed34c7c363f9867
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c0b81c9f085c4c4eaff2f7a3ad05f8a7d6f50f8831e836551bcd0de576b7a1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74fcaf9c728521c218b7bf05a0bf7173b522e7769165c8f97fdf74734cf0907
f92681e4af4cfddc0de8b368d17d2f364d0e0fb34b96a768b1af46e5fdb19685
fad23fcca912c1ceff3baf2058198bd0ed894d1884f8adab567369912271c597
fb4dc9d14ed03e6ea9aa19de70cf01786c2ea2dd2660d2c88c6f857dcd3e6e4f
ff39d152a05c1657f5a722c7c7a1b991b5f39c6c59bb8aa4541273b7139dd1d2
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869